About This Course


CompTIA A+ certified professionals are proven problem solvers. They support today's core 
technologies from security to cloud to data management and more. CompTIA A+ is the industry 
standard for launching IT careers into today's digital world. It is the only industry recognized 
credential with performance-based items to prove pros can think on their feet to perform critical IT 
support tasks in the moment. It is trusted by employers around the world to identify the go-to 
person in end point management and technical support roles. CompTIA A+ is regularly re-invented
by IT experts to ensure that it validates core skills and abilities demanded in the workplace. 

The Official CompTIA® A+® Core 1 and Core 2 (Exams 220-1001 and 220-1002) course provides the 
background knowledge and skills you will require to be a successful A+ technician. It will help you 
prepare to take the CompTIA A+ Core Series certification examinations (exam numbers 220-1001 
and 220-1002), in order to become a CompTIA A+ Certified Professional. 


Course Description 


Target Student 


This course is designed for individuals who have basic computer user skills and who are interested 
in obtaining a job as an entry-level IT technician. This course is also designed for students who are 
seeking the CompTIA A+ certification and who want to prepare for the CompTIA A+ Core 1 
220-1001 Certification Exam and the CompTIA A+ Core 2 220-1002 Certification Exam. 


Prerequisites 

To ensure your success in this course, you should have experience with basic computer user skills, 
be able to complete tasks in a Microsoft® Windows® environment, be able to search for, browse, 
and access information on the Internet, and have basic knowledge of computing concepts. You can 
obtain this level of skills and knowledge by taking the following official CompTIA courses: 

* The Official CompTIA® IT Fundamentals+ (Exam FC0-U61)


Note: The prerequisites for this course might differ significantly from the prerequisites for the 
CompTIA certification exams. For the most up-to-date information about the exam prerequisites, 
complete the form on this page: https://certification.comptia.org/training/exam-objectives 


Course Objectives 

In this course, you will install, configure, optimize, troubleshoot, repair, upgrade, and perform 
preventive maintenance on personal computers, digital devices, and operating systems. 

You will: 


* Support operating systems. 

* Install and configure PC system unit components and peripheral devices.
* Install, configure, and troubleshoot display and multimedia devices.
* Install, configure, and troubleshoot storage devices.

* Install, configure, and troubleshoot internal system components. 

* Install, configure, and maintain operating systems. 

* Maintain and troubleshoot Microsoft Windows.

* Explain network infrastructure concepts. 

* Configure and troubleshoot network connections. 

* Manage users, workstations, and shared resources. 

* Implement client virtualization and cloud computing. 

* Implement physical security. 

* Secure workstations and data. 
* Troubleshoot workstation security issues.

* Support and troubleshoot laptops. 

* Support and troubleshoot mobile devices. 

* Install, configure, and troubleshoot print devices. 
* Implement operational procedures. 


The CompTIA CHOICE Home Screen 


Logon and access information for your CHOICE environment will be provided with your 
class experience. The platform is your entry point to the learning experience, of which 
this course manual is only one part. 

On the Home screen, you can access the Course screens for your specific courses. Visit 
the Course screen both during and after class to make use of the world of support and 
instructional resources that make up the learning experience. 

Each Course screen will give you access to the following resources: 


* Classroom: A link to your training provider's classroom environment. 

* eBook: An interactive electronic version of the printed book for your course. 

* Files: Any course files available to download. 

* Checklists: Step-by-step procedures and general guidelines you can use as a 
reference during and after class. 

* Videos: Brief videos, developed exclusively for CompTIA by ITPro.TV, provide 
demonstrations of key activities in the course. These are a good alternative to view 
if you do not have access to all equipment mentioned in the course. 

* Assessment: A series of different assessments for each lesson as well as an overall
course self-assessment.

Depending on the nature of your course and the components chosen by your learning
provider, the CHOICE Course screen may also include access to elements such as:

* LogicalLABs, a virtual technical environment for your course. 

* CertMaster Practice, an adaptive knowledge assessment and practice test platform. 

* Various partner resources related to the courseware.

* Related certifications or credentials. 

* A link to your training provider's website.

* Notices from the CHOICE administrator. 

* Newsletters and other communications from your learning provider. 

* Mentoring services.

Visit your CHOICE Home screen often to connect, communicate, and extend your
learning experience!


How to Use This Book 


As You Learn 
This book is divided into lessons and topics, covering a subject or a set of related 
subjects. In most cases, lessons are arranged in order of increasing proficiency. 


The results-oriented topics include relevant and supporting information you need to 
master the content. Each topic has various types of activities designed to enable you to 
solidify your understanding of the informational material presented in the course. 
Information is provided for reference and reflection to facilitate understanding and 
practice. 


Data files for various activities as well as other supporting files for the course are 
available by download from the CHOICE Course screen. In addition to sample data for 
the course exercises, the course files may contain media components to enhance your
learning and additional reference materials for use both during and after the course. 


Checklists of procedures and guidelines can be used during class and as after-class 
references when you're back on the job and need to refresh your understanding. 


At the back of the book, you will find a glossary of the definitions of the terms and 
concepts used throughout the course. You will also find an index to assist in locating 
information within the instructional components of the book. In many electronic 
versions of the book, you can click links on key words in the content to move to the 
associated glossary definition, and on page references in the index to move to that 
term in the content. To return to the previous location in the document after clicking a 
link, use the appropriate functionality in your PDF viewing software. 


As You Review 

Any method of instruction is only as effective as the time and effort you, the student, 
are willing to invest in it. In addition, some of the information that you learn in class 
may not be important to you immediately, but it may become important later. For this 
reason, we encourage you to spend some time reviewing the content of the course 
after your time in the classroom. 


As a Reference 

The organization and layout of this book make it an easy-to-use resource for future 
reference. Taking advantage of the glossary, index, and table of contents, you can use 
this book as a first source of definitions, background information, and summaries. 


Course Icons 
Watch throughout the material for the following visual cues. 


Student Icon Student Icon Descriptive Text 


A Note provides additional information, guidance, or hints about a 
topic or task. 


A Caution note makes you aware of places where you need to be 
particularly careful with your actions, settings, or decisions, so that you 
can be sure to get the desired results of an activity or task. 


Video notes show you where an associated video is particularly 
relevant to the content. These videos can be accessed through the 
Video tile in CHOICE. 


Checklists provide job aids you can use after class as a reference to 
perform skills back on the job. Access checklists from your CHOICE 
Course screen. 


Additional Practice Questions are available in the Assessment tile in 
your CHOICE Course screen. 


Lesson 1


Installing and Configuring PC Components 


LESSON INTRODUCTION 


You have been looking at how the operating system runs the computer and how you can use OS 
tools to configure the settings and hardware. A very large percentage of the work that most IT 
technicians do entails working with hardware, including installing, upgrading, repairing, 
configuring, maintaining, optimizing, and troubleshooting computer components. 


In this lesson, you will turn your attention to the computer's system components and peripheral 
devices. You will see how they are connected and configured to create a customizable PC platform. 


LESSON OBJECTIVES 


In this lesson, you will: 


* Use appropriate safety procedures for avoiding hazards associated with PC support and
minimize the risk of damage from ESD. 


* Identify PC components. 
* Identify common connection interfaces and the cables and connectors used with them. 
* Install peripheral devices. 
Use Appropriate Safety Procedures


EXAM OBJECTIVES COVERED 
A 1002-4.4 Explain common safety procedures. 


To complete PC support tasks without damaging the equipment that you are servicing 
or causing physical injury to yourself or others, there are several tools to use and 
operational procedures to follow in order to get the job done quickly, safely, and 
correctly. In this topic, you will identify the best practices for PC technicians to follow to 
promote electrical and environmental safety. 


LOCAL GOVERNMENT REGULATIONS 


When performing PC maintenance work, you may need to take account of compliance 
with government regulations. Regulations that typically affect PC maintenance or the 
installation of new equipment are: 


* Health and safety laws: Keeping the workplace free from hazards.

* Building codes: Ensuring that fire prevention and electrical systems are intact and
safe.

* Environmental regulations: Disposing of waste correctly.


For example, in the United States, the most common safety regulations are those 
issued by the federal government, such as the Occupational Safety and Health 
Administration (OSHA), and state standards regarding employee safety. OSHA-compliant
employers must provide:


* A workplace that is free from recognized hazards that could cause serious physical
harm.

* Personal protective equipment designed to protect employees from certain
hazards. 

* Communication—in the form of labeling, Material Safety Data Sheets (MSDSs), and 
training about hazardous materials. 


While specific regulations may vary from country to country and state to state, in 
general employers are responsible for providing a safe and healthy working 
environment for their employees. Employees have a responsibility to use equipment in 
the workplace in accordance with the guidelines given to them and to report any 
hazards. Employees should also not interfere with any safety systems, including signs 
or warnings or devices such as firefighting equipment. Employees should not introduce 
or install devices, equipment, or materials to the workplace without authorization or 
without making an assessment of the installation. 


HEALTH AND SAFETY PROCEDURES 


A company's health and safety procedures should be set out in a handbook, possibly 
as part of an employee's induction handbook. Health and safety procedures should: 


* Identify what to do in the event of a fire or other emergency. 
* Identify responsible persons (for example, for overall health and safety, nominated 
first aiders, fire marshals, and so on). 
* Identify hazardous areas in the workspace and precautions to take when entering
them. 

* Describe best practice for use and care of the workspace and equipment within it. 

* Establish an incident reporting procedure for detecting and eliminating workplace 
hazards and accidents. 


GENERAL EMERGENCY PROCEDURES 


Here is a general procedure for emergency situations: 


1. Raise the alarm and contact the emergency services, giving them a description of 
the emergency and your location. 

2. If possible, make the scene safe. For example, if you are faced with a fire, establish 
that you have an escape route, or if faced with electrical shock, disconnect the 
power (if it is safe for you to do so). 

3. If you have training and it is safe to do so, do what you can to tackle the
emergency (for example, give first aid or use firefighting equipment). 


Of course, circumstances might dictate that you do something differently. It is vital that 
you keep calm and do not act rashly. 


ELECTRICAL HAZARDS 


The most prevalent physical hazards that computer technicians face are electrical 
hazards. Electricity is necessary to run a computer, but it can also damage sensitive 
computer equipment, and in some cases, pose a danger to humans. Following 
established best practices for promoting electrical safety will protect not only the 
computer equipment that you work on, but also your personal safety and the safety of 
others. 


Electrical equipment can give an electric shock if it is broken, faulty, or installed 
incorrectly. An electric shock can cause muscle spasms, severe burns, or even kill 
(electrocution). 


Electrical currents can pass through metal and most liquids, so neither should be 
allowed to come into contact with any electrical device installations. Damaged 
components or cables are also a risk and should be replaced or isolated immediately. 
It is important to test electrical devices regularly. The frequency will depend on the 
environment in which the device is used. In some countries, portable appliance 
testing (PAT) carried out by a qualified electrician or technician ensures that a device 
is safe to use. 


The human body is an electrical conductor and a resistor, so a current will pass 
through it and make it heat up, manifesting as a burn if the current is strong enough. A 
current can interfere with the body's nervous system, which also uses electrical signals. 
This might manifest as spasm or paralysis or in a severe case cause a heart attack. 
Collateral injuries occur when involuntary muscle contractions caused by the shock 
cause the body to fall or come in contact with sharp edges or electrically live parts. 


Electricity can hurt you even if you are careful and avoid becoming part of an electrical 
ground circuit. The heat generated by an electric arc or electrical equipment can burn 
your skin or set your clothes on fire. 


Note: High voltages (over about 30V) are more dangerous because they have the power
to push more current through you (skin's resistance drops at higher voltages), but it is the
current that causes the actual damage. This is why static electricity is not dangerous to
you, despite the high voltages. More current will flow if a larger area of your body is
exposed.


FUSES


An electrical device must be fitted with a fuse appropriate to its power output. A fuse 
blows if there is a problem with the electrical supply, breaking the circuit to the power 
source. Fuses come in different ratings, such as 3A, 5A, and 13A. A device's instructions 
will indicate what rating of fuse to use, but most computer equipment is rated at 3A or 
5A. If the fuse fitted is rated too low, it will blow too easily; if the rating is too high, it 
may not blow when it should (it will allow too much current to pass through the 
device). 


If multiple devices need to be attached to a single power point, a power strip of sockets 
should be used. If too many devices are attached to a single point, there is a risk that 
they will overheat and cause a fire. "Daisy-chaining" one power strip to another is 
dangerous. The total amperage of devices connected to the strip must not exceed the 
strip's maximum load (typically 12 amps). 


EQUIPMENT GROUNDING 


Electrical equipment must also be grounded (or earthed). If there is a fault that causes 
metal parts in the equipment to become live, a ground provides a path of least 
resistance for the electrical current to flow away harmlessly. Most computer products 
(PCs, printers, and so on) are connected to the building ground via the power plug. 
However, the large metal equipment racks often used to house servers and network 
equipment must also be grounded. Do not disconnect the ground wire. If it has to be 
removed, make sure it is replaced by a competent electrician. 


Grounding terminals and wires. (Image by phadventure © 123RF.com.) 


HIGH VOLTAGE DEVICE SAFETY 


Most of the internal circuitry in a computer is low voltage (12 V or less) and low current, 
so there is not much of a threat to your personal safety. However, there are exceptions 
to this, and these exceptions can be very dangerous. Power supplies, CRT monitors, 
the inverter card in an LCD display's fluorescent backlight, and laser printers can carry 
dangerously high levels of voltage. Charges held in capacitors can persist for hours
after the power supply is turned off. You should not open these units unless you have 
been specifically trained to do so. Adhere to all printed warnings, and never remove or 
break open any safety devices that carry such a warning. 


Caution: Never insert anything into the power supply fan to get it to rotate. This 
approach does not work, and it is dangerous. 


ELECTRICAL FIRE SAFETY 


Faulty electrical equipment can pose a fire risk. If the equipment allows more current 
to flow through a cable than the cable is rated for, the cable will heat up. This could 
ignite flammable material close to the cable. If an electrical wire does start a fire, it is 
important to use the correct type of extinguisher to put it out. Many extinguishers use 
water or foam, which can be dangerous if used near live electrical equipment. The best 
type to use is a Carbon Dioxide (CO₂) gas extinguisher. CO₂ extinguishers have a black
label. Dry powder extinguishers can also be used, though these can damage electronic 
equipment. 


Caution: Care must be taken in confined spaces as the CO₂ plus smoke from the fire will
quickly replace the available oxygen, making it hard to breathe. 


You should also ensure that the electricity supply is turned off. This should happen 
automatically (the fuses for the circuit should trip), but make sure you know the 
location of the power master switches for a building. 


GUIDELINES FOR WORKING SAFELY WITH ELECTRICAL 
SYSTEMS 


Note: All of the Guidelines for this lesson are available as checklists from the Checklist
tile on the CHOICE Course screen.


Consider these guidelines as you prepare to work with electrical equipment. 


ELECTRICAL SAFETY 

Follow these guidelines to work safely with electrical systems: 

* Do not work on electrical systems unless you have a good understanding of the 
risks and appropriate safety procedures. 


* Do not attempt repair work when you are tired; you may make careless mistakes, 
and your primary diagnostic tool, deductive reasoning, will not be operating at full 
capacity. 

* Do not assume anything without checking it out for yourself. A ground wire might 
have been disconnected or never properly installed, for example. 

* Disconnect the power to a circuit if you must handle it. 

* Hold down the power button on the device to ensure the circuits are drained of 
residual power. 

* Test live parts with a multimeter to ensure that no voltage is present.

* Always use properly insulated tools and never grip a tool by its metal parts.


Note: It is especially important not to touch the live parts of multimeter probes, as
these may be connected to an energized circuit. Handle the probes by the insulated
sheaths only.

* Take care not to touch any part of a circuit with both hands to reduce the risk of a
serious shock. This is called the "hand in pocket" rule. It reduces the chance that the 
current will pass through your chest and cause a heart attack. 

* Make sure your hands and the surrounding area are dry. Sweat can make your 
hands more conductive. 

* Do not leave any spill hazards in the vicinity and ensure you are not standing on a 
wet floor. 

* Do not wear jewelry, a wrist watch, or other items such as name badges that may 
dangle from your neck or wrist, as they can cause a short circuit or become trapped 
by moving parts. 


ENVIRONMENTAL SAFETY 


In addition to electrical hazards, there are other environmental issues that computer 
technicians must deal with on a regular basis. The health and safety of you and those 
around you should always be your highest priority. Recognizing potential 
environmental hazards and properly dealing with them in a safe manner is a critical 
responsibility for a CompTIA® A+® technician.


* Trip hazards: A trip hazard is caused by putting any object in pathways where
people walk.

* Lifting and carrying risks: Lifting a heavy object in the wrong way can damage
your back or cause muscle strains and ligament damage. You may also drop the
object and injure yourself or damage the object. Lifting and manual handling risks
are not limited to particularly heavy objects. An object that is large or awkward to
carry could cause you to trip over or walk into something else. An object that has
sharp or rough edges or contains a hot or corrosive liquid could cause you to cut or
hurt yourself.


TOXIC WASTE HANDLING 


The conditions surrounding computer equipment can be an issue when there is a large 
number of airborne particles flowing in and around various devices. Contaminants can 
be either gaseous, such as ozone; particles, such as dust; or organic, which comes from 
industrial processing of fossil fuels or plastics. There is also a risk of poisonous or 
corrosive chemicals leaking from faulty equipment. Special care must be taken in 
respect of the following device types: 


* CRT monitors: A cathode ray tube (CRT) is an older type of computer monitor. 
These are very heavy and bulky and can contain substantial amounts of hazardous 
materials, notably lead. They also contain a glass vacuum tube and high-voltage 
capacitors. While the tube is designed to be shatter resistant, it is still potentially 
very hazardous if dropped. The capacitors represent a high risk of electric shock. 

* Batteries: Swollen or leaking batteries from laptop computers or within cell phones 
and tablets must be handled very carefully and stored within appropriate 
containers. Use gloves and safety goggles to minimize any risk of burns from 
corrosive material. 

* Electronic devices (PCs, cell phones, and tablets): Many components in 
electronic devices contain toxins and heavy metals, such as lead, mercury, and 
arsenic. These toxins may be present in batteries, in circuit boards, and in plastics 
used in the case. These toxins are harmful to human health if ingested and 
damaging to the environment. This means that you must not dispose of electronic
devices as general waste in landfill or incinerators. If an electronic device cannot be 
donated for reuse, it must be disposed of through an approved waste management 
and recycling facility. 

* Toner kits and cartridges: Photocopier and laser printer toner is an extremely fine 
powder. The products in toner powder are not classed as hazardous to health but 
any dust in substantial concentration is a nuisance as it may cause respiratory tract 
irritation. 


GUIDELINES FOR WORKING SAFELY AMONG 
ENVIRONMENTAL HAZARDS 


Here are some guidelines to help you work safely when environmental hazards are 
present. 


ENVIRONMENTAL SAFETY 


Follow these guidelines to work safely among environmental hazards: 


* When installing equipment, ensure that cabling is secured, using cable ties or cable 
management products if necessary. Check that cables running under a desk cannot 
be kicked out by a user's feet. Do not run cabling across walkways or, if there is no 
option but to do so, use a cord protector to cover the cabling. 

* When servicing equipment, do not leave devices (PC cases for instance) in walkways 
or near the edge of a desk (where it could be knocked off). Be careful about putting 
down heavy or bulky equipment (ensure that it cannot topple). 

* When you need to lift or carry items, be aware of what your weight limitations are,
as well as any restrictions and guidance set forth in your job description or site 
safety handbook. Weight limitations will vary depending on context. For example, a 
50 pound limitation for lifting and carrying an object while holding it close to your 
body is not the same as lifting an object from a shelf above your head. 

* If necessary, you should obtain protective clothing (gloves and possibly goggles) for 
handling equipment and materials that can be hazardous. 

* Lift heavy objects safely. To do so: 


1. Plant your feet around the object with one foot slightly toward the direction in 
which you are going to move. 

2. Bend your knees to reach the object while keeping your back as straight as is 
possible and comfortable and your chin up. 

3. Find a firm grip on the object then lift smoothly by straightening your legs—do
not jerk the object up. 

4. Carry the object while keeping your back straight. 

* Lower heavy objects safely, by reversing the lifting process; keep your chin up and 
bend at the knees. Take care not to trap your fingers or to lower the object onto 
your feet. 

* If you cannot lift an object because it is too awkward or heavy, then get help from a
coworker, or use a cart to relocate the equipment. If you use a cart, make sure the
equipment is tightly secured during transport. Do not stack loose items on a cart. If 
you need to carry an object for some distance, make sure that the route is 
unobstructed and that the pathway (including stairs or doorways) is wide and tall 
enough. 

* Follow these guidelines when working with toxic materials. 


* Never disassemble a CRT and never try to stack old units on top of one another. 
* Use gloves and safety goggles to minimize any risk of burns from corrosive
materials from batteries, cell phones, and tablets. 


* Use an air filter mask that fits over your mouth and nose when servicing toner
kits and cartridges to avoid breathing in the particles. People who suffer from 
asthma or bronchitis should avoid changing toner cartridges where possible. 
Loose toner must be collected carefully using an approved toner vacuum and 
sealed within a strong plastic waste container. Get the manufacturer's advice 
about disposing of loose toner safely. It must not be sent directly to a landfill. 


ESD 


Static electricity is a high voltage (potential difference) stored in an insulated body. 
Electrostatic discharge (ESD) occurs when a path is created that allows electrons to 
rush from a statically charged body to another with an unequal charge. The electricity 
is released with a spark. The charge follows the path of least resistance, so it can occur 
between an electrical ground, such as a doorknob or a computer chassis, and a 
charged body, such as a human hand. 


Although the voltage is high, the amount of ESD current sustained is very low, so static 
electricity is not that harmful. It can, however, be slightly painful. You might have felt a 
small shock when reaching for a metal door handle for instance. You can feel a 
discharge of over about 2500V. A discharge of 20,000V or more could produce a visible 
spark. Walking over an untreated carpet in dry conditions could create a charge of 
around 35,000V. 


The human body is mostly water and so does not generate or store static electricity 
very well. Unfortunately, our clothes are often made of synthetic materials, such as 
nylon and polyester, which act as good generators of static electricity and provide 
insulating layers that allow charges to accumulate. Humidity and climate also affect the 
likelihood of ESD. The risk increases during dry, cool conditions when humidity is low. 
In humid conditions, such as before or during a storm, the residual charge can bleed 
into the environment before it can increase sufficiently to be harmful to electrical 
components. 


An electronic component, such as a memory or logic chip, is composed of fine, 
conductive metal oxides deposited on a small piece of silicon. Its dimensions are 
measured in fractions of a micron (one millionth of a meter). Any static electricity 
discharged into this structure will flash-over (spark) between the conductive tracks, 
damaging or even vaporizing them. A transistor designed to work with 1-3V can be 
damaged by a charge of under 100V, though most have ESD protection circuits that 
improve this tolerance. 


A static discharge may make a chip completely unusable. If not, it is likely to fail at 
some later time. Damage occurring in this way can be hidden for many months and 
might only manifest itself in occasional failures. 


COMPONENT HANDLING 


By eliminating unnecessary activities that create static charges and by removing 
unnecessary materials that are known charge generators, you can protect against ESD-related
damage and injuries. There are several other prevention techniques that you
can use to protect yourself and equipment when you are working with computer 
components. 


* Self-grounding, or manual dissipation of static buildup by touching a grounded 
object prior to touching any electronic equipment. You can accomplish this by 
touching an unpainted part of a metal computer chassis or other component. 

* Using an anti-ESD wrist strap or leg strap can dissipate static charges more
effectively than self-grounding. The band should fit snugly around your wrist or 
ankle to maximize contact with the skin. Do not wear it over clothing. The strap 
ground is made either using a grounding plug that plugs into a wall socket or a 
crocodile clip that attaches to a grounded point or an unpainted part of the
computer's metal chassis. 


Electrostatic Discharge ESD wrist strap on ESD mat. (Image by Audrius Merfeldas © 123RF.com.)

* An anti-ESD service mat is also useful. Sensitive components can be placed on the
mat safely. The mats contain a snap that you connect to the wrist or leg strap. If the
technician's clothing has the potential to produce static charges, an ESD smock,
which covers from the waist up, can be helpful.


An example of a basic electrostatic discharge (ESD) workstation. (Image © 123RF.com.)
Figure labels: ESD Protective Work Mat, Work Surface, Wrist Strap, Ground Points,
Common Ground Point, ESD Protective Floor Mat, Chair Grounding Point, ESD Protective
Chair Mat.

* Electronic components, assemblies, and spare parts, known as field replaceable
units (FRUs) are often shipped in antistatic bags to protect them from ESD 
damage. 


ANTISTATIC BAG TYPES 


Antistatic packaging includes either anti-ESD shielding or dissipative material. 


* Anti-ESD Shielding—this packaging reduces the risk of ESD because it is coated with 
a conductive material (such as a nickel compound). This material prevents static 
electricity from discharging through the inside of the bag. These bags are usually a 
shiny grey metallic color. To protect the contents of the bag fully, you should seal it, 
or at least fold the top over and seal that down. 

* Dissipative Packaging—this light pink or blue packaging reduces the build-up of 
static in the general vicinity of the contents by being slightly more conductive than 
normal. A plastic bag or foam packaging may be sprayed with an anti-static coating 
or have anti-static materials added to the plastic compound. This is used to package 
non-static-sensitive components packed in proximity to static-sensitive 
components. 


GUIDELINES FOR PROTECTING COMPONENTS FROM ESD DAMAGE 


Here are some guidelines to help you protect your electronic components from ESD 
damage. 


ESD PROTECTION 

Follow these guidelines to protect electronic components from damage due to ESD: 

* Use proper component handling and storage procedures whenever you are 
performing PC maintenance work. 

* To protect components and equipment from ESD damage: 

  * Make sure that your body and clothing are drained of static electricity before 
    starting work. 

  * If possible, work in an uncarpeted area. 

  * The simplest (but least effective) means of self-grounding is to touch an 
    unpainted metal part of the PC, such as the power supply unit, before you 
    handle a sensitive component. This is only a temporary solution and a static 
    charge could build up again. 


Caution: Do not leave the PC plugged in if you open the case for servicing. Your 
safety is more important than the risk of damaging some PC components. 


  * Where possible, handle vulnerable components by holding the edges of the 
    plastic mounting card, and avoid touching the surfaces of the chips themselves. 

  * Use ESD wrist or ankle straps and dissipative floor mats. 


Note: Ensure that the strap has a working current-limiting resistor for safety (straps 
should be tested daily). Do not use a grounding plug if there is any suspicion of a fault 
in the socket or in the building's electrical wiring, or if the wiring is not regularly 
inspected and tested. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Activity 1-1 


Implementing an Anti-ESD Service Kit 


BEFORE YOU BEGIN 


Your instructor will provide you with an anti-static kit. 
You will be performing this activity at your WORKBENCH PC. 


SCENARIO 


You are assisting with introducing recently hired employees to the safety culture. You 
will need to demonstrate safe use of an anti-static kit and answer questions about 
safety procedures and hazards. 


1. Describe the equipment you should use to prevent static electricity on your 
body from damaging the equipment on which you are working. 


2. Your instructor will provide you with an anti-static service kit. Prepare it for use 
and allow your instructor to check that you have connected everything correctly. 


You can refer to the figure in the Component Handling section for assistance. 


3. True or False? If you are using an anti-static floor mat, you do not need any 
other anti-ESD service equipment. 


4. In which atmospheric conditions is the risk of ESD highest? 


5. Electrical injuries include electrocution, shock, and collateral injury. Would 
you be injured if you are not part of the electrical ground current? 


6. Which computer component presents the most danger from electrical 
shock? 

○ System boards 
○ Hard drives 
○ Power supplies 
○ System unit 


7. What component helps to protect users of electrical equipment against a 
short circuit? 

○ Resistor 
○ Fuse 
○ Power supply 
○ ESD wrist strap 


8. What care should you take when lifting a heavy object? 


9. What should you do before transporting a bulky object? 


Topic B 


PC Components 


EXAM OBJECTIVES COVERED 
1001-3.5 Given a scenario, install and configure motherboards, CPUs, and add-on cards. 


If you are not familiar with the various components that a computer is made up of, it 
can seem like a jigsaw puzzle. Like most puzzles, each part of a computer connects to 
other parts in a specific place, but generally, you will find that the pieces fit together 
almost exactly the same way from one system to another. To help you put the puzzle 
together, you need to understand what these pieces look like and what they do. 


SYSTEM CASE TYPES 


A desktop computer refers to a PC that is not designed to be used on the move. The 
components of a desktop computer system are divided between those that are 
designed to be handled by the user (peripheral devices) and those that would be 
damaged or dangerous if exposed. 


The system case (or chassis) is a plastic and metal box that houses this second class 
of components, such as the motherboard, Central Processing Unit (CPU), memory, 
adapter cards, disk drives, and power supply unit. System units are also often referred 
to as boxes, main units, or base units. 


There are two basic types of system unit: Tower and Small Form Factor (SFF). These 
types are available in different sizes. Be aware that while a small case may be desirable 
because it takes up less space, it has less room inside for installing extra devices and is 
less effective at cooling. 


A tower case is designed to sit vertically on a surface, so that it is taller than it is wide. 
Tower cases come in four basic sizes: full, mid, mini, and slim line. 


* Full tower cases are usually used for PC servers. These require the extra internal 
space for additional hard disks, adapter cards, and redundant power supply units. 

* Mid tower cases are used for high-end user PCs. These PCs do require extra devices 
and adapter cards, but not as many as a server. 

* Mini tower cases are usually used for office or home PCs where the requirement for 
additional internal devices and adapter cards is limited. 

* Slimline cases require low-profile adapter cards but can be oriented horizontally or 
vertically. 


Computer tower with main panel removed showing an attached motherboard and areas for optical 
disc drives, 3.5" drive bays, and a power supply bay. Labeled parts: tower/case front, optical 
disc drive bays, 3.5" drive bays (for hard drives), motherboard (already in bay), and 
tower/case back. (Image © 123RF.com.) 


Small Form Factor (SFF) case designs are semi-portable, space-saving designs 
typically used for domestic entertainment or Media Center systems that will not look 
out of place in a living room. They are usually cube-like or super slimline. SFF cases can 
hold only a limited number of components. 


Desktop computers can also be purchased as all-in-one units. All-in-one means that 
all the computer components, except the keyboard and mouse, are contained within 
the monitor case. 


All-in-one PC. (Image © 123RF.com.) 


PARTS OF THE SYSTEM CASE 


To perform PC maintenance and component upgrades, you must understand how to 
open a desktop computer's case. 


Each case has a cover, which is removed by either undoing the screws at the back 
or pressing together clips that release it. Cases based on the slimline design have a 
hinged cover that releases to allow access to the motherboard. 

The front panel provides access to the removable media drives, a power on/off 
switch, a reset switch, and LEDs (Light Emitting Diodes) to indicate drive operation. 
The front cover can be removed but may require the side panel to be removed first 
in order to access the screws or clips that secure it. 


Front of case. Labeled parts: optical disc drive, unused optical disc drive bays, front I/O 
panel (audio and USB), power button, temperature display on case, and fan vents for airflow. 
(Image © 123RF.com.) 


Note: Some cases feature tool-free access (that is, they are secured by clips). Some 
cases use proprietary screw fittings to prevent unauthorized access to the internal 


The rear panel has cut-out slots aligned with the position of adapter card slots. 
These slots should either be covered by an adapter card or a metal strip known as a 
blanking plate. Uncovered slots can disrupt the proper flow of air around 
components in the PC and cause overheating and also increase the amount of dust 
in the system. 


There is also a cut-out aligned with the motherboard's Input/Output (I/O) ports. 
These allow for the connection of peripheral devices. 


The rear panel provides access to the Power Supply Unit (PSU) sockets. The PSU has 
an integral fan exhaust. Care should be taken that it is not obstructed, as this will 
adversely affect cooling. There may be an additional case fan. 


Rear panel of a PC. Labeled parts: power supply with fan, chassis fan airflow cutout, 
motherboard I/O panel, expansion card slot (in use), and expansion card slot (not in use). 
(Image © 123RF.com.) 


REPAIR OR REPLACE? 


PC components that are easily user-replaceable (or upgradeable) are referred to as 
field replaceable units (FRUs). Due to economic factors, most components of a PC 
are not worth repairing; instead they are simply replaced with a new unit ("swapped 
out"). 


GUIDELINES FOR PC DISASSEMBLY 


Here are some guidelines for disassembling PCs. 


PC DISASSEMBLY 
Before you start to disassemble a PC, consider the following guidelines: 


* Back up all data stored on the internal drive(s) to protect important data. 

* Create a clean work environment with plenty of working space where you can set 
the PC at a comfortable height. 

* Gather all necessary tools and equipment. A notepad and pen may be useful for 
making diagrams and notes. A digital camera is also useful for recording the layout 
of components. 

* Make sure that all devices are powered off and unplugged from the building power 
before disconnecting them. 

* Take anti-static precautions to minimize the chance of damaging sensitive 
components. Place static-sensitive components, such as processors and memory, in 
anti-static bags. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Disassemble a Personal Computer. 


MOTHERBOARDS 


A printed circuit board, variously called the motherboard, mobo, system board, or 
main board, houses the processor, chipset, memory, and expansion slots. The type of 
motherboard influences system speed and upgrade capabilities. There are many 
motherboard manufacturers, including AOpen (Acer), ASRock, ASUSTek, Biostar, EVGA 
Corporation, Gigabyte, Intel, MSI, Shuttle, Tyan, and Via. 

The motherboard is attached to the case by using standoffs. These hold the 
motherboard firmly and ensure no other part of it touches the case. The standoffs are 
positioned in holes that line up in the same position in the case and the motherboard 
(as long as they use compatible form factors). Standoffs are either brass ones secured 
by screws or plastic ones that snap into place. 


MOTHERBOARD FORM FACTORS 


The form factor of the motherboard describes its shape, layout, and the type of case 
and power supply that can be used. Two motherboards may have exactly the same 
functionality but different form factors; the difference is the layout of the components 
on the motherboard. 


The following table describes common motherboard form factors. 


Form Factor: ATX 
Description: 

* The Advanced Technology Extended (ATX) specification 
was developed by Intel in 1995 to provide a new design 
for PC motherboards, updating the previous AT form 
factor. 

* Full size ATX boards are 12 inches wide by 9.6 inches 
deep (or 305 x 244 mm). 

* ATX boards can contain up to seven expansion slots. 


Form Factor: Micro-ATX 
Description: 

* The Micro-ATX (mATX) standard specifies a 9.6-inch (244 
x 244 mm) square board. 

* mATX boards have fewer expansion slots than ATX 
boards (up to 4 compared to a maximum of 7 for full-sized 
ATX boards). 

Note: Most mATX boards can be mounted in ATX cases. 


Form Factor: Mini-ITX 
Description: 

* Small Form Factor (SFF) PCs are becoming popular as 
home machines (and in image-conscious offices). SFF 
PCs often use Via's Mini-ITX form factor. 

* Mini-ITX is 6.7 inches (170 x 170 mm) square with one 
expansion slot. 

Note: Most mini-ITX boards can be mounted in ATX cases. 


Form Factor: Other ITX-based form factors 
Description: 

There are also smaller nano-, pico-, and mobile-ITX form 
factors, but these are used for embedded systems and 
portables, rather than PCs. 

Note: No commercial motherboards were ever produced 
from the original plain ITX specification. 


MOTHERBOARD CONNECTOR TYPES 


All motherboards have connectors for the same sort of components: CPU, memory, 
disk drives, peripherals, and so on. However, the type and number of these connectors 
depend upon the motherboard model. 


Motherboard connectors. Labeled parts: memory slots, CPU socket, disk drive connectors, 
I/O ports (USB, video, audio, etc.), and adapter card slots. (Image © 123RF.com.) 


CPU SOCKETS 


New motherboards are generally released to support new CPU designs. Most PC CPUs 
are manufactured by Intel and AMD, and these vendors use different socket designs. 
Also, because technology changes rapidly, a given motherboard will only support a 
limited number of CPU models. CPU models are closely tied to the chipset and 
memory subsystem. This means that there is less scope for upgrading the CPU than 
used to be the case. You could not, for instance, take a motherboard designed for the 
Core 2 CPU and plug an AMD Phenom CPU into it. Both the physical interface (socket) 
and system architecture have diverged along proprietary lines since the old socket 7 
interface. 


The CPU is typically inserted into a squarish socket, located close to the memory 
sockets, and then covered by a heatsink and fan. 


Motherboard CPU socket and heatsinks. Labeled parts: CPU socket and motherboard 
heatsinks. (Image © 123RF.com.) 


MEMORY SLOTS 


All the software and data processed by a computer is ultimately stored as binary code; 
strings of ones and zeroes. This program code is stored in system memory. 


System memory uses a type of memory technology called Random Access Memory 
(RAM). Program code is loaded into RAM so that it can be accessed and executed by 
the processor. RAM also holds data, such as the contents of a spreadsheet or 
document, while it is being modified. System RAM is volatile; it loses its contents when 
power is removed. 


System RAM is normally packaged as Dual Inline Memory Modules (DIMMs) fitted to 
motherboard slots. DIMM slots have catches at either end, are located close to the CPU 
socket, and are often color-coded. Note that there are various RAM technologies (DDR3 
versus DDR4, for instance) and the DIMMs are specific to a particular DDR version. A 
label next to the slots should identify the type of DIMMs supported. 


The capabilities of the memory controller and number of physical slots determine how 
much memory can be fitted. 


Motherboard DIMM system memory slots. Labeled part: DIMM memory. (Image © 123RF.com.) 


CHIPSET AND MEMORY ARCHITECTURE 


The chipset consists of several controllers that handle the transfer of data between 
the CPU and various devices. Examples of controllers include the following: 


* System memory controller. 

* Input/Output (I/O) controller to handle disk drives and expansion buses. 

* Controllers for any integrated video, sound, and network (cabled and wireless) 
interfaces. 


Note: Intel and AMD manufacture all the CPUs used in PCs, but there are various chipset 
vendors. Some of the major names include ATI (now owned by AMD), NVIDIA, SiS, ULi, and 
VIA. 


The chipset is soldered onto the motherboard and cannot be upgraded. The type of 
chipset on the motherboard can affect the choice of processor and multiprocessing 
support, type and amount of system memory supported, and type(s) of system bus 
supported. 


The link between the CPU and system memory is a key factor in determining system 
performance. Historically, PCs used a chipset split into two sections: the northbridge 
and the southbridge. The main function of the northbridge is as the system memory 
controller, connecting the processor to RAM. The southbridge is designed to control all 
of the I/O functions not handled by the northbridge. These are older, slower 
technologies, such as USB. 


As memory, video, and fixed disk technologies improved, the northbridge/southbridge 
architecture became a bottleneck to performance. Newer CPUs and chipsets use 
different designs, with Intel and AMD both introducing different architectures. The 
general trend is for subsystems that require a lot of bandwidth—notably the system 
memory controller and graphics controller—to be incorporated on the same chip as 
the CPU itself (referred to as "on die"). 


CMOS AND RTC BATTERIES 


On older computers, CMOS RAM stored the PC's basic configuration and any settings 
made via the CMOS/system firmware setup program. CMOS stands for 
Complementary Metal-Oxide Semiconductor, which describes the manufacturing 
process used to make the RAM chip. 


CMOS devices require very little power to operate and use a small battery to maintain 
their settings. The CMOS battery is a coin cell lithium battery. These batteries typically 
last for 5-10 years. 


On current motherboards, configuration data is stored in a Non-Volatile RAM (NVRAM) 
chip such as flash memory, rather than in CMOS RAM. Flash memory does not require 
battery-backup. A CMOS battery is still used to power the Real Time Clock (RTC), 
however, and may be referred to as the RTC battery or clock battery. The RTC keeps 
track of the actual date and time. 


RTC coin cell battery on the motherboard. (Image © 123RF.com.) 


BUS ARCHITECTURE 


Computers transmit data using electrical signals and process and store it using 
components called transistors and capacitors. An electrical pathway on the 
motherboard or through cabling that carries the signals is referred to as a bus. 
Physically, a bus is implemented on the motherboard as tiny wires (called traces) 
running between components. The bus carries information being processed by the 
computer (data) and information about where the data is located in memory (address). 
The bus also carries power to a component and the timing signals that synchronize 
data transfers between components. 


The term "bus architecture" usually means an expansion bus, used to connect 
peripheral devices. However, a variety of buses exist within a PC. Also, the way that bus 
designs are implemented has changed considerably as PC technology has developed 
and improved. 


INTERNAL AND EXTERNAL BUSES 


One way of categorizing types of buses is to divide them into internal and external. An 
internal bus, or local bus, connects core components, such as the CPU, memory, and 
the system controllers. 


An external bus, or expansion bus, allows additional components to be connected to 
the computer. These components could be peripheral devices (located outside the 
case) or adapter cards (located inside the case). 


External bus technologies do not necessarily extend outside the computer case. For 
example, PCI, the most popular expansion bus standard, provides connections to 
internal adapter cards only. A genuinely external bus (like SCSI, USB, or Firewire) 
extends the bus wires outside the computer case using cabling. The distinction 
between internal and external bus types has also become a lot less clear as one bus 
technology will be used to perform both types of role (for example, PCI Express). 


EXPANSION SLOTS 


Expansion slots enable you to install plug-in adapter cards in a computer to extend 
the range of functions it can perform. There are several expansion bus types and many 
different types of adapter card. 


Computers can support more than one expansion bus. PCs use a multi-bus design, to 
support older technologies and allow for upgrades. For example, a PC might support 
PCI and PCI Express for adding internal adapter cards plus USB to allow the connection 
of peripherals. 


RISER CARDS 


Some PC case designs are slimline, meaning that there is not enough space for full 
height expansion cards. This problem is addressed by providing a riser card at right 
angles to the main board, enabling you to connect additional adapters to the system in 
an orientation that is parallel to the motherboard and thus save space within the 
system case. 


Note: Another option is to use low profile adapter cards. A low profile card is about half 
the height of a standard card and so fits within a slimline case. 


Historically, the LPX and NLX form factors were designed as riser architectures. Most 
manufacturers just use the ATX riser card specification. This specifies a 2x11 connector 
plus a PCI connector for the riser card. 


A riser card. (Image © 123RF.com.) 


Note: Daughter board is a general computing and electronics term for any circuit 
board that plugs into another circuit board. In personal computing, a daughter board 
can be used as a more general term for adapter cards. Sometimes, in casual usage, the 
term is used interchangeably with the term riser card, but technically they are not the 
same. 


SYSTEM CLOCK AND BUS SPEED 


The system clock synchronizes the operation of all parts of the PC and provides the 
basic timing signal for the CPU. Clock speeds are measured in Megahertz (MHz) or 
Gigahertz (GHz). The clock consists of a clock generator that sets up a timing signal and 
clock multipliers that take the timing signal produced by the generator and apply a 
multiplication factor to produce different timing signals for different types of buses. 
This means that one type of bus can work at a different speed (or frequency) to 
another type of bus. 


PCI BUS 


The Peripheral Component Interconnect (PCI) bus was introduced in 1994 with the 
Pentium processor. It is still an important technology in terms of adapter card 
provision, though it is being superseded by PCI Express. Several versions of PCI have 
been released subsequently to the first commercial version (2.0). Information about 
PCI standards is published at pcisig.org. The different capabilities are summarized 
here. 


BUS WIDTH AND CLOCK SPEED 


* PCI supports up to 5 devices (though each device can have up to 8 different 
functions) and allocates system resources by using Plug-and-Play. Bandwidth on the 
PCI bus is shared between all devices. PCI supports bus mastering, meaning that 
the device can control the bus to transfer data to and from memory, without 
requiring the CPU. The PCI architecture is a 32-bit-wide parallel bus working at 33.3 
MHz, achieving a transfer rate of up to 133 MBps (that is, 32 bits divided by 8 to get 
4 bytes, then multiplied by the clock rate of 33.3). 

* Later versions allowed for 66 MHz operation (giving a 32-bit bus 266 MBps 
bandwidth) and a 64-bit wide bus (266 MBps at 33.3 MHz or 533 MBps at 66 MHz). 
64-bit and 66 MHz cards and buses are not commonly found on desktop PCs, 
however. 


ADAPTER CARD AND SLOT FORM FACTORS 

Originally, PCI cards were designed for 5V signaling, but the PCI 2.1 specification also 
allows for 3.3V and dual voltage cards. In order to prevent the wrong type of PCI card 
from being inserted (for example, a 3.3V card in a 5V PCI slot), the keying for the three 
types of cards is different. 


PCI card and slot form factors. The exact number of pins is not shown in this image. Labeled 
parts: universal 32-bit adapter (with both key positions), 64-bit adapters have 60 extra pins, 
pin position for 3.3V only adapter, pin position for 5V only adapter, 3.3V PCI slot (32-bit), 
and 5V PCI slot (32-bit). (Image © 123RF.com.) 


On a 5V card and slot, the key is at pins 50-51; on a 3.3V adapter, the key is at pins 
12-13. 


64-bit compatible slots and adapters have an extra 60 pins, making the slots 
distinctively longer. A 32-bit card can be inserted into a 64-bit slot (as long as it is not a 
5V card). 


Note: PCI 2.3 deprecates the use of 5V cards and most cards are universal. The vast 
majority of cards and slots for desktop systems are 32-bit. 64-bit PCI is more a feature of 
server-level systems. 


Regardless of the voltage used for signaling, PCI slots can deliver up to 25W of power 
to an adapter. 


A dual voltage (universal) adapter has both keys. 


32-bit PCI sound card with dual voltage. (Image © 123RF.com.) 


PCI EXPRESS BUS 


As CPU and memory bus speeds increased over the years, PCI represented a 
substantial bottleneck to computer performance. PCI is a parallel interface. Parallel 
interface speeds are limited by the problem of timing each signal (data skew). They are 
also more complex and costly to implement. Another performance barrier is the fact 
that the bandwidth of the PCI bus is shared between all the components connected to 
it, and only one component can make use of the bus at any one time. This is a 
particular problem for video, disk access, and networking. 


Various fixes were implemented to remove critical bottlenecks. These fixes added to 
the complexity of chip design, and over time the PCI bus simply became inadequate. 
PCI Express (PCIe) was released by Intel in 2004 as the replacement for the PCI 
architecture. PCIe uses point-to-point serial communications, meaning that each 
component can have a dedicated link to any other component. Connections are made 
via a switch, which routes data between components and can provide Quality of 
Service (QoS) to any component that needs it (for example, to prioritize real-time video 
over non-time critical data). 


Motherboard PCI and PCI Express expansion slots. Labeled parts: x16 PCIe slot, x8 PCIe slot, 
x1 PCIe slot, and PCI slot. (Image © 123RF.com.) 


Each point-to-point connection is referred to as a link. The link sends both data and 
control/timing instructions. A link can make use of one or more lanes. Each lane 
consists of two wire pairs (four wires in total) using low voltage differential signaling. 
One pair is used to transmit and the other to receive (bi-directional). 


* A given component can support a specific number of lanes (usually x1, x4, x8, or 
x16), and the switch negotiates the maximum possible number of lanes to use (for 
example, x8 and x16 devices would use 8 lanes). Each lane supports a transfer rate 
of 250 MBps in each direction. Most graphics cards use x16 links (4 GBps in each 
direction). 

* A card will fit in any port with an equal or greater number of lanes. For example, a 
x8 card will fit in a x8 or x16 socket (up-plugging) and work at x8, but it will not fit in 
a x1 or x4 slot (down-plugging). x4, x8, and x16 slots are physically the same length 
but parts of the slot will be blanked out for x4 and x8. 


PCIe is software compatible with PCI, meaning that PCI ports can be included on a 
motherboard (to support legacy adapter cards) but PCI cards cannot be fitted into PCIe 
sockets. 


PCIe can supply up to 75W to a device via the motherboard slot. An extra 75W power 
can be supplied via a PCIe power connector. PCIe also features power management 
functions and support for hot swappable and hot pluggable adapters. 


PCIe VERSIONS 

The original PCIe standard has been subject to several version updates. PCI Express 2 
compatible motherboards and adapters support transfer rates of 500 MBps per lane. 
Version 2.0 motherboards and adapters are interchangeable with earlier version 1.1 
devices, though the added performance benefits are realized only if both components 
support version 2. 


PCIe 2.1 specifies a power draw from the slot of up to 150W and an 8-pin auxiliary 
power connector delivering another 150W. This change introduced potential 
compatibility problems with v1.0 devices but these can often be fixed via a firmware 
update. 


PCIe 3 further increases transfer rates to around 1 GBps per lane while maintaining 
backward-compatibility. The PCIe 4 standard doubles transfer rates again, to roughly 2 
GBps per lane, whereas PCIe 5, while still being finalized at the time of writing, will 
almost double it again (to nearly 4 GBps per lane). 


Note: You will also see the term GigaTransfers per second (GT/s) used to describe PCIe 
speeds. These values do not exclude the bits transmitted as signaling and encoding 
overhead. 


STORAGE BUS (SATA AND IDE) 


A storage bus is a special type of expansion bus dedicated to communicating with 
storage devices, such as hard disks, solid state drives, and optical drives (CD/DVD/Blu- 
ray). Host Bus Adapters (HBAs) provide a connection point for internal mass storage 
devices, such as hard drives, optical drives, and tape drives. There used to be two main 
bus standards for attaching internal storage devices to a PC: Parallel ATA (PATA), which 
is also known as Integrated Drive Electronics (IDE) or Enhanced IDE (EIDE), and Small 
Computer System Interface (SCSI). 


Both IDE and SCSI used parallel transfers of data per clock signal to improve 
bandwidth. As circuitry and encoding methods have improved, these parallel 
transmission technologies have been superseded by faster serial bus types. 
Consequently, IDE and SCSI have now largely been replaced by SATA (Serial ATA). 


Motherboard SATA and legacy PATA/IDE ports. Labeled parts: legacy PATA/IDE, front view of 
6 SATA ports, and SATA ports. (Image © 123RF.com.) 


A SATA port accepts a compact 7-pin connector and can be used to attach a single 
device. Most full size motherboards have 4 built-in SATA ports. 


Note: What is called IDE today is technically Enhanced IDE (EIDE). Original IDE 
specifications were published even further in the past. 


OTHER MOTHERBOARD CONNECTORS 


In addition to slots and sockets for the major components, motherboards also include 
connectors for things like case buttons and fans. 


Motherboard front panel, USB, and audio headers. Labeled parts: front panel headers, 9-pin 
USB headers, and audio headers. (Image © 123RF.com.) 


These connector types are described in the following table. 


Connector Type Description 


Internal USB connectors A computer will normally feature one or two front USB 
ports to connect peripherals, as well as more on the 
back. Internal USB connections are made via 9-pin 
headers, which accept up to two 4-pin port connections 
(the 9th pin is to orient the cable correctly). 
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Connector Type Description 


Front panel connectors Components on the front panel of the case connect to 
headers on the motherboard. Typically, front panel 
connectors can include: 


* Power button (soft power): On modern computers, 
the power button sends a signal to the PC that can be 
interpreted by the OS (as a command to shut down 
for instance) rather than actually switching the PC off. 
Holding down the power button for a few seconds will 
cut the power, however. 

* Drive (HDD) activity lights: These show when an 
internal hard disk is being accessed. 

* Audio ports: These allow headphones and a 
microphone to be connected to the computer. 


When disassembling the system, you should make a 
diagram of how these connectors are plugged in 
(position and orientation). If you do not have a diagram, 
you will have to refer to the motherboard documentation 
or go by any labels printed on the wires and headers. 
These are not always very easy to follow, however, which 
is why you should always make a diagram (or take a 
digital photo) to refer to. 


Power and fan connectors The motherboard also contains various connection 
points for the power supply and fans. 


* The power connector is usually a 24-pin white or black 
block. 

* Fan connectors are smaller. There will be one for the 
CPU and one or more for the case fans. 


There is no current standard that dictates the size and 
form factor of fan connectors. Common connectors 
include: 


* A 3-pin Molex KK connector, commonly used to 
connect a fan directly to the motherboard. 

* A 4-pin Molex KK connector that is similar in function 
to the 3-pin KK connector, except that it has an extra 
pin to provide the ability to control the speed of the 
fan. 

* A 4-pin Molex connector that connects directly to the 
system's power supply. 


Note: In some systems, the system firmware monitors the fan speed. In order for this to 
happen, the power supply requires an external fan connector that is attached to the 
motherboard. The fan does not draw power from the connector; it only is used to provide 
information to the system firmware. Based on the information received, the system can 
increase the fan speed for improved cooling or decrease the fan speed when less cooling 
is needed so that the system operates more quietly. 


JUMPER SETTINGS 

When upgrading components such as the CPU, you may have to change the position of 
jumpers on the motherboard. A jumper is a small plastic clip containing a metal 
conductor that fits over two contacts on the motherboard. The position of the clip 
completes a circuit that configures the motherboard in one way or another. 

Note: There may be a motherboard reset jumper. Setting this may allow you to restore 
the system from a failed firmware update, forgotten system supervisor password, and so 
on. 


Activity 1-2 


Discussing PC Components 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Describe how you would open a PC case to access the motherboard. 


2. At the rear of a system case are slots for adapter card ports. Why should 
these be covered with blanking plates if not in use? 


3. You have been servicing a computer but when you have finished you find that it 
will not turn on. There was no power problem before and you have verified that 
the computer is connected to a working electrical outlet. 


What is the most likely explanation? 


4. What is the main function of the chipset? 


5. True or false? The Real Time Clock controls the timing of signals between the 
CPU and other components. 


6. What type of socket is used to install system memory? 


7. You have a x8 PCIe storage adapter card—can you fit this in a x16 slot? 


8. What is the bandwidth of a PCIe v2.0 x16 graphics adapter? 


9. You also need to help new hires identify the different types of motherboards used 
in computers deployed throughout the company. 


What type of motherboard is displayed here, and what characteristics did 
you use to help you identify the board type? 


10. What type of motherboard is displayed here, and what characteristics did 
you use to help you identify the board type? 

(Image dimension labels: 12 inches; ~10 inches.) 


Topic C 


Common Connection Interfaces 


EXAM OBJECTIVES COVERED 

1001-3.1 Explain basic cable types, features, and their purposes. 
1001-3.2 Identify common connector types. 
1001-3.5 Given a scenario, install and configure motherboards, CPUs, and add-on cards. 


You need to be able to identify how components are connected together to form a 
complete computer system. In this topic, you will compare PC and device connection 
interfaces and their characteristics. 


A PC is made up of many different components. All of these components need to be 
able to communicate with each other so that the computer can function properly. As 
PC designs have evolved over the years, several connection technologies have been 
implemented to provide communication among computer components. As a computer 
technician, identifying the methods used to connect devices to a computer will enable 
you to install, upgrade, and replace PC components quickly and effectively. 


INTERFACES, PORTS, AND CONNECTIONS 


Some people might use the terms interface, port, and connection interchangeably, but 
there are some differences among the three. 


INTERFACE 


An interface is the point at which two devices connect and communicate with each 
other. 


PORT 


A physical port is a hardware interface that you can use to connect devices to a 
computer. The port can also be referred to as an endpoint. 


* The port transfers electronic signals between the device and the system unit. 

* A port is either an electrically wired socket or plug, or it can be a wireless 
transmission device. 

* Ports can vary by shape, by color, by the number and layout of the pins or 
connectors contained within the port, by the signals the port carries, and by the 
port's location. 

* Ports exist for both internal and external devices. External ports often have a 
graphical representation of the type of device that should be connected to them, such 
as a small picture of a monitor adjacent to the video port. 


CONNECTIONS 


Computer connections are the physical access points that enable a computer to 
communicate with internal or external devices. They include the ports on both the 
computer and the connected devices, plus a transmission medium, which is either a 
cable with connectors at each end or a wireless technology. Personal computer 
connections can be categorized by the technology or standard that was used to 
develop the device. 


A computer connection between an external USB hard drive and a desktop computer. (Image © 
123RF.com.) 


Ports are often described as being male, meaning they have pin connectors, or 
female, meaning they have hole connectors. This gender orientation means that it is 
virtually impossible to connect them incorrectly. Many connectors and ports are also 
keyed to prevent them from being inserted the wrong way around. 


I/O PORTS AND CABLES 


Input and output (I/O) ports allow additional devices to be connected to the PC. Some 
ports are designed for a particular type of device (such as a graphics port). Other ports 
(such as USB) support different device types. 


External ports are positioned at the rear or front of the PC through cut-outs in the 
case. They can be provided on the motherboard or with an expansion card. 


Lesson 1: Installing and Configuring PC Components | Topic C 


The Official CompTIA® A+® Core 1 and Core 2 Student Guide (Exams 220-1001 and 220-1002) 


I/O ports on a motherboard. (Image © 123RF.com.) 


USB CONNECTORS 


The Universal Serial Bus (USB) has become the standard means of connecting 
peripheral devices to a computer. It is an example of a multipurpose cable that can be 
used to attach a wide range of peripherals and storage devices. 


Note: USB has not historically been used as a display interface (to attach a monitor). 
That is changing as the USB-C connector (discussed later) is becoming more widely 
adopted. 


A USB bus consists of a host controller and up to 127 devices. 


Note: To overcome the limitations of sharing bandwidth, most PC chipsets feature 
multiple USB controllers, each of which has only three or four ports. 


A device can be a hub (providing ports for additional devices) or a function. Functions 
are divided into classes, such as human interface (keyboards and mice), mass storage 
(disk drives), printer, audio device, and so on. 


USB STANDARDS 


There have been several iterations of the USB standard. Each new version introduces 
better data rates. A version update may also define new connector form factors and 
other improvements. The USB 2.0 (HighSpeed) standard specifies a data rate of 480 
Mbps. Note that this bandwidth is shared between all devices attached to the same 
host. 

The USB 3.0 standard introduces a SuperSpeed mode. SuperSpeed improves the bus 
bandwidth tenfold (to 5 Gbps or 5000 Mbps) and makes the link full duplex, so a device 
can send and receive at up to 5 Gbps simultaneously. USB 3.1 defines a SuperSpeed+ 
mode with a data rate of 10 Gbps. USB 3.2 promises 20 Gbps, but only over USB-C 
ports and cabling (discussed later). 


Note: USB 3 controllers actually feature two sub-controllers. One controller handles 
SuperSpeed-capable devices while the other supports legacy HighSpeed, FullSpeed, and 
LowSpeed USB v1.1 and v2.0 devices. Consequently legacy devices will not slow down 
SuperSpeed-capable devices. There are changes to the way the bus works to try to 
improve "real-world" bandwidth too. 

USB 3.x receptacles and connectors often have a blue connector tab or housing to 
distinguish them. 


USB POWER 


Power is supplied by the host at 5V and a single device may draw up to 500 mA 
(milliamps) or 2.5 W (increased to 4.5 W with the USB 3.0 specification). Devices that require 
more power than this, such as printers, must be connected to an external power 
supply. 


Note: Devices supporting fast charging can supply 7.5 W if the port is in charging mode 
(no data transfer is possible in charging mode). Devices conforming to the USB Power 
Delivery version 2.0 specification are able to deliver up to 100 W of power. 


USB ON THE GO (OTG) 

USB On the Go (OTG) allows a port to function either as a host or as a device. For 
example, a port on a smartphone might operate as a device when connected to a PC 
but as a host when connected to a keyboard. 


USB CONNECTORS AND PORTS 

USB connectors are always inserted with the USB symbol facing up. There have been 
several versions of the USB standard and these versions have often introduced new 
connector form factors. 


The main connectors for USB 2.0 are: 
* Type A (4-pin)—for connection to the host. The connector and port are shaped like 
flat rectangles. 


* Type B (4-pin)—for connection to a device. The connector and port are square, with 
a beveled top. There are also small form factor versions of the type B connector and 
port: 


* Type B Mini (5-pin)—a smaller connector for connection to a device. This type of 
connector was seen on early digital cameras but is no longer widely used. The 
additional pin supports USB OTG. 


Note: There were also a number of non-standard mini B connectors used on 
various digital camera models. 


* Type B Micro (5-pin)—an updated connector for smaller devices, such as 
smartphones and tablets. The micro connector is distinctively flatter than the 
older mini type connector. 


USB 2.0 ports and connectors. (Image © 123RF.com.) 


A USB cable can feature Type A to Type A connectors but most convert from one type 
to another (Type A to Type B or Type A to Micro Type B for instance). 

In USB 3.0, there are 9-pin versions of the Type A, Type B, and Type B Micro 
connectors. USB 3.0 Type A connections are physically compatible with USB 1.1 and 2.0 
connections, but the Type B/Type B Micro connections are not. So, for example, you 
could plug a USB 2.0 Type A cable into a USB 3.0 port, but you could not plug a USB 3.0 
Type B cable into a USB 2.0 Type B port. 


USB 3.0 and 3.1 connectors and ports (from left to right): Type A, Type B, Micro Type B, Type C. (Image 
© 123RF.com.) 


As you can see, USB has historically featured a bewildering range of connector types. 
USB 3.1 defines a new USB-C 24-pin connector type. This should provide a single 
consistent hardware interface for the standard. The connector is reversible, meaning it 
can be inserted either way up. The connector design is also more secure and robust. 
USB-C can use the same type of connector at both ends or you can obtain USB-C to 
USB Type A or Type B converter cables. 


CABLE LENGTH 


The maximum cable length for LowSpeed devices is 3m while for FullSpeed and 
HighSpeed the limit is 5m. Vendors may provide longer cables however. 
SuperSpeed-capable cables do not have an official maximum length but up to about 3m is 
recommended. 


OTHER PERIPHERAL CONNECTOR TYPES 


USB is the dominant interface for PC peripherals, but you may also come across cabled 
devices requiring different connections. 


THUNDERBOLT (TB) 


The Thunderbolt (TB) interface was developed by Intel® and is primarily used on 
Apple® workstations and laptops. Thunderbolt® can be used as a display interface (like 
DisplayPort or HDMI) and as a general peripheral interface (like USB). In its first two 
versions, Thunderbolt uses the same physical interface as MiniDP and is compatible 
with DisplayPort, so that displays with a MiniDP port can be connected to a host via 
Thunderbolt. Thunderbolt ports are distinguished from MiniDP by a lightning bolt icon. 


The USB-C form factor adopted for Thunderbolt 3. (Image © 123RF.com.) 


Version 2 of the standard supports links of up to 20 Gbps. Up to six devices can be 
connected to a single port by daisy-chaining the devices. You can also use a dock or 
hub device to channel a variety of ports (TB, USB, HDMI, and Ethernet, for instance) via 
a single Thunderbolt port on the host PC or laptop. 


Thunderbolt version 3 changes the physical interface to use the same port, connector, 
and cabling as USB-C. Converter cables are available to connect Thunderbolt 1 or 2 
devices to Thunderbolt 3 ports. A USB device plugged into a Thunderbolt 3 port will 
function normally but Thunderbolt devices will not work if connected to a USB port 
that is not Thunderbolt-enabled. Thunderbolt 3 supports up to 40 Gbps over a short, 
high-quality cable (up to 0.5m/1.6ft). 


LIGHTNING 


Apple's iPhone® and iPad® mobile devices use a proprietary 8-pin Lightning port and 
connector. The Lightning connector is reversible (can be inserted either way up). 


Apple Lightning connector and port. (Image © 123RF.com.) 


The Lightning port is found only on Apple's mobile devices. To connect such a device to 
a PC, you need a suitable adapter cable, such as Lightning-to-USB A or 
Lightning-to-USB C. 


SERIAL PORTS (RS-232 AND DB-9) 


The serial port (or RS-232) is so-called because data is transmitted over one wire one 
bit at a time. Start, stop, and parity bits are used to format and verify data 
transmission. While modern interfaces like USB are also serial, an RS-232 interface 
uses much less sophisticated signaling methods. Consequently, an RS-232 serial port 
supports data rates up to about 115 Kbps only. 
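

The start, stop, and parity bits described above, as an added example that is not part of the original course text. It assumes the common "8E1" frame format (1 start bit, 8 data bits sent least significant bit first, even parity, 1 stop bit) and a 115,200 bit/s line setting; all function names are illustrative.

```python
# Added illustration of asynchronous serial framing on an RS-232 style link.
# Assumption: "8E1" format = 1 start bit, 8 data bits (LSB first),
# 1 even-parity bit, 1 stop bit, so 11 line bits carry 8 payload bits.

START_BIT = 0      # the line idles at 1; a 0 marks the start of a frame
STOP_BIT = 1       # the line returns to idle at the end of a frame
DATA_BITS = 8
FRAME_BITS = DATA_BITS + 3


def even_parity(bits):
    """Return the bit that makes the total count of 1s (data + parity) even."""
    return sum(bits) % 2


def encode_frame(byte):
    """Turn one byte into the 11 bits placed on the wire."""
    if not 0 <= byte <= 0xFF:
        raise ValueError("byte out of range")
    data = [(byte >> i) & 1 for i in range(DATA_BITS)]  # LSB first
    return [START_BIT] + data + [even_parity(data)] + [STOP_BIT]


def decode_frame(bits):
    """Check one frame. Returns (byte, None) or (None, error_name)."""
    if len(bits) != FRAME_BITS:
        return None, "length"
    if bits[0] != START_BIT or bits[-1] != STOP_BIT:
        return None, "framing"
    data = bits[1:1 + DATA_BITS]
    if even_parity(data) != bits[1 + DATA_BITS]:
        return None, "parity"
    return sum(bit << i for i, bit in enumerate(data)), None


def send(message):
    """Serialize a bytes object into one flat list of line bits."""
    stream = []
    for byte in message:
        stream.extend(encode_frame(byte))
    return stream


def receive(stream):
    """Decode a bit stream; return (good_bytes, [(frame_index, error), ...])."""
    good, errors = bytearray(), []
    for offset in range(0, len(stream), FRAME_BITS):
        byte, err = decode_frame(stream[offset:offset + FRAME_BITS])
        if err:
            errors.append((offset // FRAME_BITS, err))
        else:
            good.append(byte)
    return bytes(good), errors


def payload_rate(line_bps):
    """Payload bits per second left after start, parity, and stop overhead."""
    return line_bps * DATA_BITS // FRAME_BITS


if __name__ == "__main__":
    stream = send(b"OK")                 # constructed sample message
    print("clean line:", receive(stream))

    noisy = list(stream)
    noisy[FRAME_BITS + 3] ^= 1           # one flipped data bit in frame 1
    print("single-bit error:", receive(noisy))

    noisy = list(stream)
    noisy[1] ^= 1                        # two flipped data bits in frame 0:
    noisy[2] ^= 1                        # parity still matches, error is missed
    print("double-bit error:", receive(noisy))

    print("payload bit/s at 115200:", payload_rate(115200))
```

A single parity bit catches any odd number of flipped bits in a frame but not an even number, which is one reason the signaling is described as less sophisticated than USB.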


9-pin serial connector and port. (Image © 123RF.com.) 


Serial ports are generally associated with connecting external modems, used to 
establish dial-up Internet connections, though even this function has largely been 
superseded by USB. You may also come across serial ports on network equipment, 
where a serial connection can be used to manage the device. 


RS-232 (Recommended Standard #232) specifies a 25-pin hardware interface, but in 
practice, PC manufacturers used the cheaper 9-pin D-shell (DB-9) male port shown 
above. 


In Windows®, the serial port is referred to as a Communications (COM) port. 


Note: You might also come across the term PS/2. This was a serial interface used to 
attach mice and keyboards. PS/2 ports use a 6-pin mini-DIN format. 


STORAGE CONNECTOR TYPES 


USB and Thunderbolt are examples of multipurpose cables used to attach different 
kinds of external peripheral device (though it is also possible to use USB cabling within 
the system case). Internal storage devices use different types of interface, though. 


* SATA and eSATA connectors. 


Serial Advanced Technology Attachment (SATA) is the standard means of 
attaching internal storage drives to a desktop PC. Each SATA host adapter port 
supports a single device. 


Internal SATA cables can be up to 1 m (39"). The cables are terminated with 
compact 7-pin connectors. 


SATA data and power ports on a hard drive. (Image © 123RF.com.) 


There is also an eSATA standard for the attachment of external drives, with a 2 m 
(78") cable. You must use an eSATA cable to connect to an external eSATA port; you 
cannot use an internal SATA cable. eSATAp is a non-standard powered port used by 
some vendors that is compatible with both USB and SATA (with an eSATAp cable). 
The USB interface dominates the external drive market, however. 


Note: The main drawback of eSATA compared to USB or Thunderbolt external drives 
is that power is not supplied over the cable. This is not so much of an issue for 3.5" 
drives, which require a separate power supply anyways, but it limits the usefulness of 
eSATA for 2.5" portable drives. 


* SCSI. 


Modern connection interfaces use serial communications. These serial links can 
achieve Mbps and Gbps speeds because of improved signaling and encoding 
methods. Back when serial interfaces were much slower, PC vendors used parallel 
data transmission to support better transfer rates. While a serial interface 
essentially transfers 1 bit at a time, a parallel interface transfers 8 bits (1 byte) or 
more. This requires more wires in the cable and more pins in the connectors, 
meaning parallel interfaces are very bulky. 


Internal PC storage devices often used Parallel ATA (PATA)/Enhanced Integrated 
Drive Electronics (EIDE) connections. This supported transfer rates up to about 133 
MBps. Workstations and servers requiring more speed would use the Small 
Computer Systems Interface (SCSI) bus instead. SCSI could support up to 320 
MBps data rates. While you will not come across any new systems shipping with 
SCSI connections, you might need to support legacy systems that use SCSI. 


SCSI could be used for both internal devices and external peripherals (such as 
scanners and printers) but you are very, very unlikely to find it used anywhere 
except for the connection of internal disk drives. While early SCSI types used 50-pin 
connectors, you are only likely to come across High Density (HD) 68-pin connectors 
or Single Connector Attachment (SCA) 80-pin connectors. SCA incorporates both a 
power connector and configuration wires, allowing for hot swappable drives. 


Internal and external male HD connectors. (Image © 123RF.com.) 


Also, you should note that while parallel SCSI as a physical interface has almost 
completely disappeared, the software interface and command set are used in many 
other storage technologies, including Serial Attached SCSI (SAS), Firewire, and 
Storage Area Networks (SAN). 

* Molex connectors. 


As well as a data connection, an internal hard drive needs to be connected to the 
computer power supply. A computer power supply will come with a number of 
peripheral power connectors. For older devices, this power connection is made 
using Molex connectors and ports. A Molex connector is usually white and has 4 
pins plus red, yellow, and black wires. 


A Molex connector. (Image © 123RF.com.) 


Note: SATA drives are more likely to use the SATA power connector. Some devices 
might have both types of power connectors. 


NETWORK CONNECTOR TYPES 


Network connections also use dedicated cable types, rather than multipurpose cabling 
such as USB and Thunderbolt. 

* RJ-45. 


Most computers have a network adapter already installed as part of the 
motherboard chipset. The network adapter will have an RJ-45 port to connect the 
computer to the network, via another RJ-45 port in the network equipment. This 
port will be marked "LAN" (Local Area Network). 


An RJ-45 (Registered Jack) connector is used with twisted pair cable for Ethernet 
local area networking products. Twisted pair is a type of copper cabling where pairs 
of insulated conductors are twisted around one another, to minimize electrical 
interference. 

RJ-45 port and connector. (Image © 123RF.com.) 


RJ-45 connectors are used with 4-pair (8-wire) cables. The connectors are also 
referred to as 8P8C, standing for 8-position/8-contact. This means that all eight 
"potential" wire positions are supplied with contacts, so that they can all carry 
signals if needed. 


* RJ-11. 


Smaller RJ-11 connectors are used with 2- or 3-pair UTP or with flat ribbon "silver 
satin" phone cables. Typically only one pair carries the dial tone and voice circuit 
(also called the Tip and Ring wires after the way older phono plugs were wired). The 
other pair is usually unused but can be deployed for a secondary circuit. RJ-11 
connectors are used for telephone systems (for example, to connect a modem to a 
phone jack). 


RJ-11 port and connector. (Image © 123RF.com.) 


Note: An RJ-11 connector only has two contacts (6P2C); to use more pairs, an RJ-14 
(6P4C) connector is required. This is physically the same size as RJ-11 but has more 
wired contacts. 


EXPANSION CARDS 


Expansion cards (or add-on cards) can be installed on the motherboard to add 
functions or ports not provided as part of the chipset. An expansion card can be fitted 
to an appropriate slot (PCI or PCIe) on the motherboard. 


* I/O Adapters and Storage Cards. 


Most Input/Output (I/O) bus functions are provided on the motherboard, which will 
typically have USB ports for external peripherals and SATA ports for internal storage 
drives. An adapter card can be installed to provide additional ports or a bus type 
that is not supported on the motherboard. Typical examples include an eSATA host 
adapter to make external storage ports available, a flash memory card reader, a 
card with extra USB ports, or a card supporting wireless peripherals, such as 
Bluetooth®. 

* Network Interface Cards (NICs). 

Most computers have a network adapter already installed as part of the 
motherboard chipset. However, there may be occasions when you need to install an 
add-on Network Interface Card (NIC) or need to upgrade an adapter to use a 
different type of network, bandwidth, or cabling. 


RJ-45 ports on a Network Interface Card (NIC). (Image © 123RF.com.) 


A Wi-Fi adapter can be added to connect to a wireless network. Wi-Fi adapters are 
developed to different 802.11 standards (802.11a/b/g/n/ac). 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Install and Remove Expansion Cards. 


Activity 1-3 


Identifying Connection Interfaces 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. In this graphic, identify the (A) audio ports, (B) video ports, and (C) USB 
ports. 


2. You are speaking with a junior technician. He is not sure what is meant by a 
"keyed" connector. Can you tell him? 


3. What is the nominal data rate of a USB port supporting SuperSpeed+? 


4. True or false? USB-C ports and cables are compatible with Apple Lightning 
ports and cables. 


5. What type of device would you connect a Molex cable to? 


6. Why would you install an I/O adapter card? 


Activity 1-4 


Demonstrating PC Disassembly and 
Reassembly 


BEFORE YOU BEGIN 


Your instructor will provide you with a WORKBENCH PC system to use to complete this 
activity. Make sure you find out the account credentials used to sign in. If a PC is not 
available for use in this activity, use the reference images provided instead. 


You will perform this activity at your WORKBENCH PC. 


SCENARIO 


You are responsible for familiarizing new technical support staff on the hardware used 
by the company. You are going to show how to remove the PC case to compile 
information about the components installed to add to system inventory 
documentation. 


1. Open a PC case and identify components on the motherboard. 


a) The PC should be powered off and cables to devices should all be disconnected. If 
not, shut down the PC then remove all the cables, starting with the power connector. 


b) Carefully lift the system unit onto your workbench and remove the system case cover. 
Use this image if you don't have a computer to open. 


c) Without touching anything inside the system unit, identify the following components. 
You can move cables if they obstruct your view, but be careful not to dislodge them 
from their connectors. If you do not have access to a PC, identify the location of 
components in the image above instead. You will not be able to see as much as with a 
physical inspection, so do not worry if you cannot identify exact numbers and types. 

* CPU 

* Memory slots (number and type—DDR3 or DDR4 for instance) 

* Expansion slots (number of each type) 

* Drive ports (number of each type) 

* Power connectors (P1 and fans) 

* RTC battery 

* Front panel connectors 


2. Draw a diagram showing the layout of the components you identified above. 


3. Write down any problems you might suspect with the way the system is 
built (for example, cables not connected to devices, scorch marks, excessive 
dust or dirt, and so on). 


4. When you have finished, replace the system case cover. 


5. Identify the external ports. 


Your system likely has a different number of ports, different ports, and different locations 
for some items. Use this image if you don't have a physical PC to examine. 


6. What ports can you identify? 


7. Demonstrate how to identify external ports on your WORKBENCH PC. 


a) Inspect the PC and complete the table below to show the number of available ports 
(remember that there could be connectors on the back and the front of the PC). 


Port Type                                    Number/Notes 
USB 2 
USB 3 
Thunderbolt (MiniDP or USB type) 
Network (RJ-45) 
Other (display connectors, for instance) 


b) Check the ports carefully to ensure that none are damaged (for example, pins that are 
broken, bent, or missing or mounting bolts that are loose or missing). 


8. Check the case labeling for the following information (this would be used to 
obtain support): 


Information                   Details 
Vendor (OEM) 
Model Number 
Serial Number/Service Tag 


9. Finally, demonstrate how to set up the PC for use again. 


a) If the cabling is fine, connect the devices in the following order, taking care not to 
damage the connectors and to secure them properly (note that some devices might 
not be available to you—check with your instructor if you are unsure): 

* Mouse 

* Keyboard 

* Display screen 

* Microphone and speakers 

* Display power plug 

* PC power plug 

b) Check the routing of cables so that there are no trip hazards. Optionally, adjust the 
monitor so that it is the correct height for use (the top edge should be at eye level). 

c) When your instructor has checked the system, press the power button to turn it on. 

d) As the PC powers up, listen and look for the following signs that the computer is 
operating normally. 

* Power LED comes on. 

* Fans start spinning. 

* Hard disk activity—LED flickers and there may be some soft noise but grinding or 
clicking indicates a problem. 

* System firmware messages on the screen—if you do not see anything, check the 
display is connected and switched on. 

* Windows logo on the screen. 

e) Verify that the keyboard and mouse work. Sign in to the PC using the credentials 
provided. 


10. Your instructor might provide you with examples of device connections and 
interfaces and ask you or other participants to identify them. 


Topic D 


Install Peripheral Devices 


EXAM OBJECTIVES COVERED 

1001-3.6 Explain the purposes and uses of various peripheral types. 


Much of the work that you will perform as a PC technician will involve installing and 
configuring various hardware and software components. As an IT professional, you will 
often find yourself setting up end-user workstations or helping those end users with 
the hardware they need to make their daily lives easier. Installing and configuring 
peripheral components—like keyboards and mice, or even more specialized devices— 
are some of the more common tasks that you will perform. 


INPUT DEVICES 


Input devices—or Human Interface Devices (HIDs)—are peripherals that enable the 
user to enter data and select commands. Computers need user input such as 
directions or commands and user interaction with the programs that are included in 
order to produce something of use. 


Keyboards and pointing devices are the standard input devices for personal computers 
these days, but there is an ever-growing number of input devices available for the user 
to interact with in a variety of ways. As well as command input, security systems often 
require different ways for users to input credentials to access an account or authorize 
a payment. 


KEYBOARDS 


The keyboard is the longest serving type of input device. Historically, keyboards were 
connected via the 6-pin mini-DIN PS/2 port. This is colored purple to differentiate it 
from the identical form factor mouse connector. All keyboards are now USB or wireless 
(typically Bluetooth), though. 


Extended PC keyboards feature a number of special command keys (Alt and Ctrl plus 
keys such as Print Screen, NumLock, Scroll Lock, Start, Shortcut, and Function). A 
numeric keypad can be used to allow faster entry of numeric data or as an additional 
set of arrow keys (the function is toggled by NumLock). Multimedia keyboards may 
also feature programmable keys and buttons that can be used for web browsing, 
playing CDs/DVDs, and so on. 


An extended keyboard. (Image © 123RF.com.) 


When selecting a keyboard for a user, in addition to considering its ergonomics, you 
should also consider whether the keyboard offers additional features (such as 
customizable hot keys and scrolling) as well as wireless connectivity. 


An ergonomic keyboard. (Image by Dmitriy Melnikov © 123RF.com.) 


Most keyboards designed for use with Latin scripts use the QWERTY key layout. There 
are different layouts though, such as the small differences between US and UK layouts, 
the Dvorak alternative layout for Latin script, and keyboards for different scripts, such 
as Cyrillic. It is important that the keyboard type is set correctly in the OS. 


In Windows, the type of keyboard layout is configured through the Language applet in 
Control Panel/Settings so that the computer knows which symbol to use when a 
particular key or key combination is pressed. 


Language and input options in Windows 10. 


POINTING DEVICES 


While a keyboard can be used to navigate a window (using Tab and arrow keys, for 
instance), most operating systems are designed to be used with some sort of pointing 
device. A pointing device is usually used to move a cursor to select and manipulate 
objects on the screen. 


MOUSE 


The mouse is the main type of pointing device for graphical software. Mice use the 
same interfaces as keyboards (the PS/2 port for a mouse is color-coded green, though). 
There are three main types: 


* Mechanical mouse—this contains rollers to detect the movement of a ball housed 
within the mouse case. As the user moves the mouse on a mat or other firm 
surface, the ball is moved and the rollers and circuitry translate that motion to 
move a cursor on the screen. Mechanical mice are no longer in production. 

* Optical mouse—this uses LEDs to detect movement over a surface. 

* Laser mouse—this uses an infrared laser, which gives greater precision than an 
optical mouse. 


A basic mouse, with a scroll wheel and four buttons (two main buttons on top and two side buttons). 
(Image © 123RF.com.) 


Another distinguishing feature of different mouse models is the number of buttons 
(between two and four), which can be customized to different functions, and the 
presence of a scroll wheel, used (obviously) for scrolling and as a clickable extra 
button. Mice are also distinguished by their size and shape. Smaller mice are useful 
with portable systems; some mice are marketed on the basis of their ergonomic shape. 


TOUCHPAD 


A touchpad is a small, touch-sensitive pad where you run your finger across the 
surface to send electronic signals to the computer to control the pointer on the screen. 
Touchpads can have buttons like a mouse or trackball, or the touchpad can be 
configured to detect finger taps on its surface and process those signals like button 
clicks. 


Touchpad on a laptop. (Image © 123RF.com.) 


Touchpads are most closely associated with laptop computers but it is possible to use 
them as peripheral devices with PCs, too. An external touchpad is connected using USB 
or Bluetooth. 


GAME CONTROLLERS 

PC games are mostly designed for use with the mouse and keyboard but some games 
(flight simulators, for instance) benefit from the use of a game controller, such as a 
joystick or game pad. There are also controllers for specific game types, such as 
steering wheels for driving games and light guns for shooting games. As with most 
other peripherals, wired game controllers are connected using USB, whereas wireless 
models use Bluetooth. Joysticks can also be used as input devices by people who have 
difficulty using a mouse or keyboard. 


A game controller. (Image © 123RF.com.) 


KVM SWITCHES 


A Keyboard, Video, Mouse (KVM) switch allows multiple computers (typically servers) 
to be controlled via a single keyboard, mouse, and monitor. Some switches designed 
for home use also support speaker and microphone ports. Each computer's ports are 
cabled to the switch, then a single cable runs from the switch to the input and output 
devices. 


A KVM switch with front and back views. (Image © 123RF.com.) 


Simple desktop KVM switches support two devices; control is usually switched using a 
key sequence such as Scroll Lock + Scroll Lock + an arrow key (such as Right Arrow). 
Server-level KVM switches may support 10 or more ports and have more sophisticated 
controls. 


SECURITY INPUT DEVICES 


Security input devices provide protection against unauthorized access to computing 
devices and resources. Commonly implemented security input devices include 
biometric devices and card readers. 


BIOMETRIC AUTHENTICATION DEVICES 


Biometric devices are used to perform authentication. Authentication means 
identifying someone as a valid user of the computer or network. 


Biometrics is an automated method of recognizing a person based on a physiological 
or behavioral characteristic unique to the individual, such as a retina pattern, 
fingerprint, or voice pattern. Biometric technologies are becoming the foundation of an 
extensive array of highly secure identification and personal verification solutions. 
Biometric input devices can add an additional layer of physical security or information 
security by verifying the identity of the person attempting to gain access to a location 
or device. 


Biometric devices will need to be installed and configured, and then initialized for the 
specific end user who will be using the device. The initial biometric authentication 
“object” for the user (be it a fingerprint, retina scan, pass phrase, etc.) must first be 
captured and stored. Then the user will have to test the device to make sure that it 
accurately verifies his or her identity against the authentication object, permitting them 
access to the location or device. 


Touching a fingerprint scanner. (Image © 123RF.com.) 


Whether or not a biometric device is being deployed will likely be a decision made 
based on an organizational security policy or standard. If biometric devices will be 
deployed at individual workstations, you will need to determine the specific biometric 
device's connector requirements; as most use a USB connection, you will need to make 
sure that the user's computer has an available USB port to connect the device. 


SMART CARD READERS 


A smart card reader provides a slot or NFC (contactless) interface to interact with a 
smart card. The reader is typically a peripheral device attached via a USB port but may 
be built into some laptop models. The microprocessor embedded in the smart card is 
used to store a digital certificate to prove the identity of the holder. The use of the 
certificate token is combined with a PIN or password to protect against loss or theft. 


A smart card reader. (Image © 123RF.com.) 


MAGNETIC STRIP/CHIP READERS 

In the days before microprocessors could be made small enough to embed in a plastic 
wafer, the account number and other details of a credit or bank card were encoded in 
a magnetic strip. All bank-issued cards retain these magnetic strips for compatibility 
with legacy systems. When the card is swiped through a magnetic reader, the reader 
obtains the account details from the card. As with smart card readers, these would be 
attached as a USB peripheral. 


A chip reader works in the same way as a smart card reader but is designed to work 
specifically with bank cards to support Point of Sale (POS) systems. 


NFC AND TAP PAY DEVICES 

As mentioned above, a smart card can be contact-based or contactless. Many 
contactless readers use the Near Field Communications (NFC) protocol. NFC is a 
very short range radio link based on Radio Frequency ID (RFID). NFC normally works 
at up to 2 inches (6cm) at data rates of 106, 212, and 424 Kbps. 


As well as cards, NFC sensors are now often integrated with smartphones, allowing 
their use as a kind of "electronic wallet." As with a chip reader, an NFC/tap pay terminal 
would be attached to the computer via a USB cable as part of a POS system. 


NFC mobile payment between a smartphone and a payment processor. (Image © 123RF.com.) 


SIGNATURE PADS 

Signature recognition uses a signature pad and a database of approved signatures. A 
user signs the signature pad, and the recognition system analyzes the individual 
behavior of the person signing, such as the strokes used and the pressure applied 
while signing, to verify the identity of the user. 


If not hard-wired into a system (such as a security system), a signature capture pad 
used with a smaller device like a personal computer typically connects via a USB 
connection. 


A signature pad and pen. (Image © 123RF.com.) 


INSTALLATION AND CONFIGURATION CONSIDERATIONS 


Peripheral devices for Windows computers are Plug-and-Play. This means that they 
can be added to the computer and the operating system will detect the device 
automatically and prompt you to configure it using a hardware or device setup wizard. 
Most devices also come with setup programs which will do the same job. They are 
required if the OS does not ship with the drivers required by the device. 


SYSTEM RESOURCES 


When you install a new device, such as a network card, sound card, or internal modem 
into a PC, it must be allocated a set of system resources that enable it to 
communicate with the CPU and memory without conflicting with other devices. This 
process is handled by Plug-and-Play. 


Resource                    Description

Memory Range/I/O Address    Every device in the PC has its own set of unique memory 
                            addresses in an area called the I/O address map. The I/O 
                            address is a means for the CPU to communicate with a 
                            device. The address map is a block of system memory 65,536 
                            bytes (64 KB) in size. The I/O port is referred to using its 
                            hexadecimal (or port) address in the range of 0000-FFFF. 

Interrupts (IRQ)            An I/O address tells the CPU where to look in memory to 
                            communicate with a device, but it must also know when to 
                            communicate with it! This is accomplished by the device 
                            raising an Interrupt Request (IRQ). Under the early PC 
                            architecture, each device was allocated an IRQ "line" from 0 
                            to 15. Allocating the same IRQ to two devices was the cause 
                            of many problems on these early computers. Modern PCs use 
                            more advanced interrupt controllers to facilitate interrupts 
                            from multiple devices on a bus such as PCI or PCIe. Some 
                            core system components are still allocated IRQs from the 0 to 
                            15 range, though. 


HOT SWAP 


Most devices connected over USB are hot swappable. This means that the device can 
be added to or removed from the computer while it is switched on. Devices attached 
via legacy interfaces may need the PC to be restarted. 


Note: You may also see the term hot pluggable used. Technically, a hot pluggable device 
can be installed while the system is running but cannot necessarily be removed safely 
without shutting down the computer. A fully hot swappable device can be added or 
removed without an OS restart. 


DRIVERS 


Before connecting a device, you may need to install its driver using the 
vendor-supplied software. A driver is software that creates an interface between the device 
and the operating system. It may also include tools for configuring and optimizing the 
device. Many devices have drivers that are shipped along with Windows or made 
available over Windows Update, but even in that case the vendor may be able to 
supply a more up-to-date driver. Output devices such as monitors and speakers do not 
generally require drivers, but input devices such as mice, keyboards, and touchscreens 
do. 


CONNECTIONS 


Assuming the correct driver is available to the OS, adding and removing external 
peripherals is then just a case of plugging or unplugging the connector into the correct 
type of socket. USB has simple push/pull connectors that are keyed to prevent 
incorrect insertion. Connectors for legacy ports often have screws to hold them in 
place. RJ-11 and RJ-45 connectors have a plastic clip that must be pressed down to 
remove. 


CONFIGURATION 


The OS will detect and install the device automatically. You can then use Device 
Manager, Control Panel, Windows Settings, or the vendor-supplied software to 
configure user settings. 


GUIDELINES FOR INSTALLING PERIPHERAL DEVICES 


Follow these guidelines for working with peripheral devices. 


INSTALLING PERIPHERAL DEVICES 

Here are some guidelines for you to consider when you are adding or removing 
peripheral devices: 

* Always read the manufacturer's instructions and check that the device is compatible 
with the PC and operating system. 

* Hold the connector, not the cable, when removing a lead. 

* Inspect the connector and port for damage (notably broken or bent pins) before 
attaching a lead. 

* Take care to align the connector carefully and do not use excessive force, to avoid 
damaging the pins. 

* Check whether the device requires an external power source. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Install and Remove Peripheral Devices. 


Activity 1-5 


Discussing Peripheral Device Installation 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. A remote user has requested a Dvorak keyboard for use with her Windows 10 
computer. The device has arrived and the user connected it to a USB port. She 
contacts support saying that the keyboard "isn't typing properly." 


What is the likely cause of this issue? 


2. You are contacted by another remote user. The user has a laptop and desktop 
computer. The user wants to know if there is a device that would allow them to 
use the same peripheral devices with both systems without having to switch 
cables over all the time. 


What is your answer? 


3. You are supporting a client setting up a Point of Sale system. 


Which peripheral device types or functions should she consider? 


4. You have finished copying some files to a USB memory stick. 


What should you do before unplugging the stick? 


Summary 


In this lesson, you identified common safety procedures, core hardware components, 
and various connection interfaces, and you installed peripheral components. 


Have you encountered situations where appropriate safety procedures were not 
followed? Which safety precautions do you think will be most important to 
follow? 


Will there be any specialty input devices that you will need to install or configure 
at your workplace? How might this affect your day-to-day activities as an IT 
professional? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 


Lesson 2 


Installing, Configuring, and Troubleshooting 
Display and Multimedia Devices 


LESSON INTRODUCTION 


This lesson focuses on installing, configuring, and troubleshooting display and multimedia devices. 
The video and audio subsystems provide the main ways that information is output from the 
computer and presented to the user. Multimedia devices can also be used as inputs—to record 
sound from a microphone, import pictures from a scanner or camera, or capture video from a 
webcam. 


LESSON OBJECTIVES 


In this lesson, you will: 
* Install and configure display devices. 
* Troubleshoot display device issues. 
* Install and configure multimedia devices. 


Topic A 


Install and Configure Display Devices 


EXAM OBJECTIVES COVERED 
1001-3.1 Explain basic cable types, features, and their purposes. 
1001-3.5 Given a scenario, install and configure motherboards, CPUs, and add-on cards. 
1001-3.6 Explain the purposes and uses of various peripheral types. 


Output devices are those that transmit information from the computer system to the 
user, whether as video/graphics (display), audio (speakers), or hard copy (printer). The 
video subsystem is the main type of output provided with a PC. Graphics output is 
provided by some sort of display unit or monitor plus a video card, which generates 
the signals to drive the monitor. 


DISPLAY DEVICE TYPES 


Display devices include monitors, projectors, and VR headsets. You will work most 
often with monitors, as they are required by practically every desktop and portable 
computer. 


Some notable manufacturers of display devices include ViewSonic®, Iiyama, Sony, 
Panasonic, Toshiba, LG, Acer®, Sanyo, and Mitsubishi. 


MONITORS 


Historically, computer monitors used the same sort of cathode ray tube (CRT) 
technology as consumer television sets. A CRT requires an analog signal from the 
display adapter to form the picture. CRTs are also very bulky. In the last decade or so, 
flat panel displays have replaced CRTs. Flat panels use digital signaling, are much 
thinner and lighter, and use less power than CRTs. 


LCDs 

Flat panel Liquid Crystal Displays (LCDs) are the standard display type for PC systems 
and laptops. Liquid crystals are chemicals whose properties change with the 
application of voltage. In modern types of LCD, voltages "twist" the molecules in the 
liquid crystal to block the passage of light to some degree to set the pixel to the 
required color. 


Each picture element (pixel) in a color LCD comprises cells (or subpixels) with filters to 
generate the three primary colors (red, green, and blue). Each pixel is addressed by a 
transistor to vary the intensity of each cell, therefore creating the gamut (range of 
colors) that the display can generate. In the types of flat panel used for computer 
displays, the liquid crystal elements and transistors are placed on a Thin Film 
Transistor (TFT) and such LCD panels are often just referred to as "TFTs." TFTs 
designed for use with PCs are usually of two types: 


* Twisted Nematic (TN)—produces acceptable results and good response times. 
Low response times make the display prone to motion blur and "trails." 

* In-Plane Switching (IPS)—the different arrangement of the cells in IPS panels 
delivers better color reproduction at a wider range of viewing angles (especially 
vertical viewing angles) than TN-type displays. The trade-off is slightly worse 
response times. 


TFTs are driven by a digital signal, but many older models come with analog-digital 
converters so they can accept an analog signal from an interface such as Video 
Graphics Array (VGA). 


A desktop computer with a TFT display. (Image © 123RF.com.) 


LCD BACKLIGHTS 

A TFT panel must be illuminated to produce a clear image. In cheaper displays, the 
backlight is a Cold Cathode Fluorescent (CCFL) bulb. In most modern TFTs, the 
backlight is provided by an array of Light Emitting Diodes (LED) rather than a 
fluorescent bulb. There are a number of different types of LED lighting: 


* Edge lit—the LEDs are arranged around the screen rather than behind it. A diffuser 
is used to try to make the light evenly bright across the whole of the screen. 

* Backlit—the LEDs are positioned in an array behind the TFT. This should illuminate 
the panel more evenly. The disadvantage is that the panel will be slightly thicker. A 
full array LED backlight can also allow for local dimming, where the LEDs can be 
selectively dimmed in zones, improving contrast ratio (and power efficiency). 

* Color temperature—the backlight can either generate a uniform white light (WLED) 
or be composed of some combination of RGB or GB LEDs, to allow for different 
color "temperatures." 


OLED DISPLAYS 


An OLED (Organic LED) display is a newer type of device, often used for small screens 
(in smartphones, for instance), though more full-scale OLED monitors are starting to 
appear. One advantage of OLED is that it does not require a separate backlight, making 
the representation of "True Black" much better and allowing the display to be thinner, 
lighter, and consume less power. Also, OLEDs can be made from plastic with no 
requirement for a layer of glass. This means that the display can be curved to different 
shapes. Manufacturers are even experimenting with flexible, roll-up displays. 


DIGITAL PROJECTORS 


A video projector is a large format display, suitable for use in a presentation or at a 
meeting. The image is projected onto a screen or wall using a lens system. Some types 
of projectors are portable; others are fixed in place. 


A DLP projector. (Image © 123RF.com.) 


Like display monitors, projectors can use different imaging technologies: 


* Cathode Ray Tube (CRT)—you may come across legacy projectors using this analog 
format, but they are not widely marketed anymore. 

* Liquid Crystal Display (LCD)—this is a similar technology to that used in display 
screens except that the lamp used to project the image is much more powerful than 
a backlight. 

* Digital Light Processing (DLP)—developed by Texas Instruments. Each pixel in a 
DLP device is represented by a mirror, which can be tilted towards or away from the 
lamp, and color filters to create the required shade. 

* Laser projector—a lampless projector still uses LCD or DLP imaging but replaces the 
bulb light source with laser light. Some systems use three lasers (red, green, and 
blue) while others use a single laser with splitters and phosphors to generate 
different shades. 


Note: Take care when handling projectors. During use, the bulb becomes very hot and 
while it is hot will be very fragile. Allow a projector to cool completely before attempting 
to move it. 


VR HEADSETS 


A Virtual Reality (VR) headset is a device that fits over your eyes and ears. It aims to 
replace sights and sounds from the real world with images and noises generated by a 
computer application. The headset also comes with handheld controllers to allow you 
to move the avatar representing you in the virtual space and interact with the virtual 
environment. 


VR is mostly used for games but has other obvious applications for meetings and 
social networking that are likely to see it more widely adopted in business networks in 
the next few years. There are two main types of headsets: tethered VR headsets are 
self-contained devices, whereas mobile VR headsets are designed to use a specific 
smartphone model (or range of models) to provide the display. 


Tethered headsets, such as the HTC Vive® and Oculus Rift, require an HDMI port plus a 
number of USB ports on the host PC. While not current at the time of writing, it is likely 
that most systems will adopt a single USB-C cable in the near future. Tethered VR 
headsets have substantial system requirements for the CPU, graphics adapter, and 
system memory. 


Note: Make sure the surrounding area is free from obstructions and trip hazards so that 
the wearer is less likely to hurt themselves or damage anything in the nearby 
environment. 


DISPLAY DEVICE SETTINGS AND FEATURES 


Display devices are evaluated on the following characteristics: 


* Resolution and analog versus digital output. Resolution is the number of pixels 
(picture elements) used to create the image. Resolution is quoted as the number of 
horizontal and vertical pixels (for example, if the resolution is 640x480, the image is 
640 pixels wide by 480 pixels high). Each pixel can be a different color. The total 
number of colors supported in the image is referred to as the color depth (or bit 
depth). Early (very early) computer monitors had limited color support, such as 8-bit 
(256 colors). Modern TFTs will support either 18-bit or 24-bit (or higher) color. 


A video card (the component that generates the screen image) can support a 
number of resolutions (limited by the card's bandwidth; higher resolutions require 
more data). If the resolution set is greater than the monitor's maximum resolution, 
then the display will be unstable or will not show anything. 


While analog display devices (such as legacy Cathode Ray Tube [CRT] monitors) can 
support a range of resolutions, digital display devices such as TFTs have a native 
resolution, based on the number of pixels in the display. An analog device such as 
CRT can support a number of output resolutions without losing quality (the 
"crispness" of an image). TFTs only support lower resolutions by interpolating the 
image, which makes it look "fuzzy." 

* Screen size and aspect ratio. For flat panels, the quoted screen size is always the 
viewable area, measured diagonally. Most screens are around 20" but premium 
models are available up to 30". Aspect ratio is the width of the screen divided by 
the height. Flat panels are either 4:3 or widescreen (16:9 or 16:10), with widescreen 
models now dominating the market. One feature of some flat panels is the ability to 
pivot the display through 90 degrees (making it 3:4 or 9:16). 


Note: Consumer widescreen (for DVD movies) is 16:9, but many PC widescreen 
display formats are 16:10 to leave room for on-screen controls above or below the 
movie. 


* Refresh rate. In an analog device, refresh rate is the speed at which the CRT 
redraws the image, measured in hertz (Hz). If the refresh rate is not high enough 
(below about 70 Hz), there will be a noticeable flicker as the image is redrawn. This 
can cause eyestrain and headache. TFTs are not refreshed in the same way and do 
not suffer from flicker, but the refresh rate in a TFT still has an impact on the quality 
of the image (in particular, how smoothly objects in motion are displayed). 


Whereas refresh rate is the number of times the display device updates the display 
(regardless of whether the image is changed or not), the frame rate is the number 
of times the image in a video stream changes per second. This can be expressed in 
Hertz or Frames per Second (fps). The refresh rate needs to be synched to the 
frame rate. For example, a display device with a 120 Hz refresh rate displays a 30 
fps video stream at a ratio of 4:1. Standard TFTs have a refresh rate of 60 Hz with 
more expensive models featuring 120 or 240 Hz. 


* Response rate is the time taken for a pixel to change color, measured in 
milliseconds (ms). The best quality TFTs have a response rate of 8 ms or lower. High 
response rates (over 20 ms) can lead to "ghosting" or "trails" when the image 
changes quickly. 

* Brightness, contrast ratio, and illuminance. Luminance is the perceived 
brightness of a display screen, measured in candelas per square meter (cd/m²). 
Typically, TFTs are between 200 and 300 cd/m², though panels designed for home 
entertainment or gaming may be 500 cd/m² or better. Contrast ratio is a measure 
of luminance of white compared to black. Higher ratios (above 600:1) indicate that 
displays can display "true blacks" and better saturated (more intense) colors. 


When evaluating projectors, the critical performance factor is illuminance or light 
projecting power rather than luminance/brightness. With a flat panel, you want to 
evaluate how bright it appears when you look at it. With a projector, you want to 
evaluate the brightness of the image it projects onto another surface. Projectors are 
normally rated in lumens (or more specifically ANSI lumens, which represents a 
particular set of test conditions). A projector rated at around 3000 lumens will be 
able to display clear images with a small amount of ambient light (a room with the 
curtains closed and overhead lighting dimmed, for instance). A projector rated at 
6000 lumens would be able to display a clear image in a sunlit room. Do note that 
the larger the image, the greater the projecting power needs to be to maintain the 
same image clarity. 

* Viewing angle and privacy filters. The image on a flat panel darkens and distorts 
to some degree if not viewed straight on. Although this is not an issue for desktop 
use, it can affect use of the screen for viewing movies or as a presentation device. 
Manufacturers may quote acceptable viewing angles in marketing literature, but 
these values are not usually comparable to one another. As mentioned above, IPS- 
type flat panels perform better at wide angles than TN-type panels. 


A privacy filter prevents anyone but the user from reading the screen. IPS-type 
TFTs are designed to be viewed from wide angles. This is fine for home 
entertainment use but raises the risk that someone would be able to observe 
confidential information shown on a user's monitor. A privacy filter restricts the 
viewing angle to the person directly in front of the screen. 

* Coatings. A display can come with either a matte or a gloss coating. A gloss coating 
helps the display to appear "richer" but also reflects more light, which can cause 
problems with screen glare and reflections of background objects. A matte coating 
may be superficially less impressive but is generally better suited to office work. 
Antiglare covers are available if the ambient lighting causes problems with the 
display. 


VGA STANDARDS 


IBM® created Video Graphics Array (VGA) as a standard for the resolution and color 
depth of computer displays. VGA specifies a resolution of 640x480 with 16 colors (4-bit 
color) at 60 Hz. VGA also specifies other lower resolution modes with more colors, but 
640x480 is what is commonly referred to as "VGA." 


Increasing any one of resolution, color depth, or refresh rate increases the amount of 
bandwidth required for the video signal and the amount of processing that the CPU or 
Graphics Processing Unit (GPU) must do and the amount of system or graphics 
memory required. 


The VGA standard is long obsolete but was further developed by the Video Electronics 
Standards Association (VESA) as Super VGA (SVGA). SVGA was originally 800x600 @ 
4-bit or 8-bit color. This was very quickly extended as the capabilities of graphics cards 
and monitors increased with the de facto XGA standard providing 1024x768 resolution, 
better color depths, and higher refresh rates. Resolutions for modern display systems 
use some variant of the XGA "standard" (in fact, these are labels rather than standards) 
or a High Definition (HD) resolution, similar to that found on consumer electronics and 
media. Some of the more popular XGA and HD resolutions in use are as follows. 


Standard                  Resolution    Aspect Ratio
WXGA (Widescreen XGA)     1280x800      Widescreen (16:10)
SXGA (Super XGA)          1280x1024     5:4
HD                        1366x768      Widescreen (16:9)
WSXGA                     1440x900      Widescreen (16:10)
HD+                       1600x900      Widescreen (16:9)
Full HD                   1920x1080     Widescreen (16:9)
QHD (Quad HD)             2560x1440     Widescreen (16:9)
4K UHD (Ultra HD)         3840x2160     Widescreen (16:9)


DISPLAY DEVICE CONNECTIONS AND CABLES 


There are many different types of video connectors and cabling. An individual model of 
any one video card, monitor, or projector will often support more than one cable type. 
When computers were primarily used with CRT monitors, the graphics adapter would 
generate an analog video signal to drive the monitor. Now that most screens use TFT 
technology, the video signal is usually digital. Many digital monitors can take an 
incoming analog video signal but need to convert it back to digital (so the signal is 
being converted from digital to analog and then from analog back to digital). 


VGA PORTS AND CONNECTORS 


The distinctive blue, 15-pin Video Graphics Array (VGA) port (HD15F/DE-15) was the 
standard analog video interface for PC devices for a very long time. Up until a few 
years ago, even new video cards and monitors usually included it, though it is starting 
to be phased out completely now. 


The connector is a D-shell type (HD15M) with screws to secure it to the port. The 
screws very frequently become stuck or the housing bolt comes undone when you try 
to unscrew the connector. 


A VGA connector and port. (Image © 123RF.com.) 


The interface is analog, meaning that it carries a continuous, variable signal for Red, 
Green, and Blue (RGB) component video. 


Better quality cables (generally speaking, the thicker the better) use shielded coaxial 
wiring and support longer lengths at better resolutions. Low quality cable may only be 
able to support 800x600. The cable may be marketed with the highest resolution it can 
support—UXGA (1600x1200), for instance. Most VGA cable does not exceed 5 m but a 
good quality cable might be able to support sub-HD resolutions at lengths of up to 30 
m. 


DVI PORTS AND CONNECTORS


Digital Visual Interface (DVI) is a video cable type designed for flat panel display 
equipment. While popular for a short period after its introduction in 1999, DVI is now 
being phased out in favor of better-established technologies, such as HDMI®, 
DisplayPort™, and Thunderbolt™. You are unlikely to see DVI used on new display 
devices or computers. 


There are five types of DVI, supporting different configurations for bandwidth and 
analog/digital signaling. The pin configuration of the connectors identifies what type of 
DVI is supported by a particular port. 


* DVI-A
* DVI-D (single link)
* DVI-I (single link)
* DVI-D (dual link)
* DVI-I (dual link)


DVI port and connector types: DVI-D (single link), DVI-I (single link), DVI-D (dual link),
and DVI-I (dual link). (Image © 123RF.com.)


DVI-I supports both analog equipment (such as CRTs) and digital. DVI-A supports only 
analog equipment and DVI-D supports only digital. 


DVI bandwidth in single-link mode is 3.7 Gbps, enough for full HD resolution 
(1920x1200) at a frame rate of 60 fps. More bandwidth can be obtained through 
connectors that support dual-link mode. Dual-link supports over 7.4 Gbps, enough for 
HDTV @ 85 fps. A single-link connector can be plugged into a dual-link port, but not 
vice versa. 


There are economy and premium brands of DVI cable. Cables have to support an HD
signal at a length of at least 5 m (16.5 ft). Better quality cable will support longer
lengths. The quality cable uses thicker wiring and better shielding.


HDMI PORTS AND CONNECTORS 


The High Definition Multimedia Interface (HDMI) is the most widely used graphic 
device interface. It is ubiquitous on consumer electronics, such as televisions and
Blu-ray players, as well as computer equipment. HDMI supports both video and audio
digital streams, plus remote control (CEC) and digital content protection (HDCP). 


Note: HDMI carries only a digital signal. It does not support analog monitors.


HDMI cabling is specified to different HDMI versions with different bandwidth 
capabilities. Notably, version 1.4 adds support for 4K (4096x2160@24Hz). 4K is the 
format used in digital cinemas and consequently represents something of a Holy Grail 
for home cinema enthusiasts. The Ultra HD (3840x2160) format is often also branded 
"4K." 


Version 1.4 also allows the controller (typically a computer) and display device (an
IP-capable TV, for instance) to establish a Fast Ethernet (100 Mbps) network link over
an HDMI With Ethernet cable.


At the time of writing, HDMI is on version 2.1. This supports 48 Gbps bandwidth, or up 
to 10K at 120 Hz. 


HDMI uses a proprietary 19-pin (Type A) connector. There is a Type B connector
(29-pin) to support dual-link connections but it is not widely used.


HDMI Type A port and connector. (Image © 123RF.com.) 


HDMI v1.3 introduced the Mini HDMI connector (Type C) for use on portable devices, 
such as camcorders. This is more compact but has the same number of pins. HDMI 
v1.4 also introduced the even smaller Micro HDMI connector (Type D), still with 19 pins. 


From left to right: HDMI connector and port, Mini-HDMI connector and port. (Image © 123RF.com.) 


HDMI cable is rated as either Standard (Category 1) or High Speed (Category 2). High
Speed cable supports greater lengths and is required for v1.4 features, such as 4K and
3D. HDMI version 2.0 and 2.1 specify Premium High Speed (up to 18 Gbps) and Ultra
High Speed (up to 48 Gbps) cable ratings.


HDMI is backward-compatible with DVI-D using a suitable adapter cable. This means 
that (for example) a DVI-D graphics adapter could be connected to an HDMI port on 
the display device. 


DISPLAYPORT PORTS AND CONNECTORS 


HDMI was principally developed by consumer electronics companies (Hitachi, 
Panasonic, Sony, and so on) and requires a royalty to use. DisplayPort was developed 
by the Video Electronics Standards Association (VESA), the organization largely 
representing PC graphics adapter and display technology companies. It is a royalty-free 
standard intended to complement HDMI. 


Unlike other video and audio standards, it transmits packetized data, in the same sort 
of way as PCI Express. Like PCI Express, bandwidth can be allocated in bonded lanes 
(up to 4). Each lane can be given a different data rate. In v1.2 of the standard, each lane 
can be allocated a 1.62, 2.7, or 5.4 Gbps data rate. The maximum data rate for a 4-lane 
link is 17.28 Gbps. Like HDMI v1.4, there is support for 48-bit color, 3D, 4K/UHD, and 
HDCP. There is also an auxiliary channel that allows (for example) a
microphone-enabled display to feed the audio signal back to the PC without additional cabling.
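
The link figures quoted in this lesson can be checked against the resolution table with a short calculation. The following is an added example, not part of the course text; it counts visible pixels only (blanking intervals are ignored, so real requirements are somewhat higher), and the function and table names are illustrative.

```python
"""Uncompressed video data rate versus link bandwidth (added example).

Assumptions: only active pixels are counted (blanking intervals are ignored),
and the link capacities are the figures quoted in the lesson text.
"""

# Modes taken from the lesson's resolution table: name -> (width, height).
MODES = {
    "HD": (1366, 768),
    "Full HD": (1920, 1080),
    "QHD": (2560, 1440),
    "4K UHD": (3840, 2160),
}

# Link capacity in Gbps, as quoted in the lesson text.
LINKS_GBPS = {
    "DVI single link": 3.7,
    "DVI dual link": 7.4,
    "DisplayPort 1.2 (4 lanes)": 17.28,
    "HDMI 2.1": 48.0,
}

# Per-lane rates the lesson lists for DisplayPort 1.2, in Gbps.
DP12_LANE_RATES = (1.62, 2.7, 5.4)


def pixel_data_rate_gbps(width, height, refresh_hz, bits_per_pixel):
    """Bits per second needed for the visible pixels alone, in Gbps."""
    return width * height * refresh_hz * bits_per_pixel / 1e9


def displayport_payload_gbps(lanes, lane_rate_gbps):
    """Usable data rate of a DisplayPort 1.2 link.

    DisplayPort 1.2 uses 8b/10b line coding, so only 8 of every 10 bits
    sent on the wire carry data. That is why 4 lanes at 5.4 Gbps give
    17.28 Gbps rather than 21.6 Gbps.
    """
    if lanes not in (1, 2, 4):
        raise ValueError("DisplayPort links use 1, 2, or 4 lanes")
    if lane_rate_gbps not in DP12_LANE_RATES:
        raise ValueError("lane rate must be one of %r" % (DP12_LANE_RATES,))
    return lanes * lane_rate_gbps * 8 / 10


def links_that_fit(mode, refresh_hz=60, bits_per_pixel=24):
    """Names of the links whose quoted capacity covers the given mode."""
    width, height = MODES[mode]
    needed = pixel_data_rate_gbps(width, height, refresh_hz, bits_per_pixel)
    return [name for name, capacity in LINKS_GBPS.items() if capacity >= needed]


def report(refresh_hz=60, bits_per_pixel=24):
    """One text line per mode: required rate and the links that can carry it."""
    lines = []
    for mode, (width, height) in MODES.items():
        needed = pixel_data_rate_gbps(width, height, refresh_hz, bits_per_pixel)
        fits = ", ".join(links_that_fit(mode, refresh_hz, bits_per_pixel)) or "none"
        lines.append("%-8s %dx%d @ %d Hz, %d-bit: %6.2f Gbps -> %s"
                     % (mode, width, height, refresh_hz, bits_per_pixel, needed, fits))
    return lines


if __name__ == "__main__":
    print("DisplayPort 1.2, 4 lanes x 5.4 Gbps: %.2f Gbps usable"
          % displayport_payload_gbps(4, 5.4))
    for line in report():
        print(line)
    # Raising the color depth or the refresh rate raises the required rate.
    for line in report(refresh_hz=120, bits_per_pixel=48):
        print(line)
```

Doubling the color depth or the refresh rate doubles the required rate, which is why a mode that fits a link at 24-bit color and 60 Hz may not fit at higher settings.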


DisplayPort supports both copper and fiber-optic cabling. DisplayPort-certified copper 
cable must be capable of supporting 2560x1600 (WQXGA resolution) over 2 m. It also 
supports multiple monitors "daisy-chained" on the same cable. 


A DP++ DisplayPort port and connector. (Image © 123RF.com.) 


DisplayPort uses a 20-pin connector. A DP++ port allows a connection with DVI-D and 
HDMI devices (using a suitable adapter cable). There is also a mini DisplayPort format 
(MiniDP or mDP), developed by Apple and licensed to other vendors. 


THUNDERBOLT AND USB-C PORTS AND CONNECTORS 


Historically, computer video used dedicated cable types such as HDMI or DisplayPort. 
Modern computer display equipment is quickly adopting the USB-C connector 
interface. USB-C can carry HDMI or DisplayPort signaling (with an adapter cable) but 
would usually be used with Thunderbolt 3 signaling for video support. 


A USB-C connector with Thunderbolt 3 support. (Image © 123RF.com.)


Note: Not all USB-C ports support Thunderbolt 3. Look for the flash icon on the port or 
confirm using the system documentation. 


VIDEO ADAPTERS AND CONVERTERS 


Many video cards provide support for older display standards. It might be that the 
video card itself is quite old but it can be useful for newer video cards to support 
interfaces that might only be found on older monitors and projectors. If there is no 
port common to both the computer and the monitor, you may be able to use a 
converter or adapter cable to connect them. 


It will often be the case that the graphics adapter comes with a physical interface
that is not supported by the display device. In this scenario, you can use a converter
cable or adapter plug to connect the devices:


DVI TO HDMI 


DVI is not supported on many consumer devices so you may use this type of adapter 
to connect a laptop to a TV set. There is no signal conversion involved so this can be 
performed by a passive cable. 


HDMI to DVI-I adapter. (Image © 123RF.com.)


DVI OR HDMI TO VGA 


Older flat panels may only come with VGA ports so this type of converter can be used 
to connect them up to newer computing devices. Unless going from DVI-I (analog) to 
VGA, this type of converter requires an active Digital to Analog Converter (DAC) chip. 
Note that the converter will not be accepted by HDCP-protected content. 


For instance, a VGA to DVI-I adapter would carry an analog signal only, while an HDMI 
to VGA converter cable converts between digital and analog inputs or outputs. 


VGA to DVI-I adapter. (Image © 123RF.com.)


HDMI to VGA adapter. (Image © 123RF.com.)


DISPLAYPORT/THUNDERBOLT TO DVI 


This type of adapter would allow you to connect a computing device of a "certain age" 
to newer display devices (or vice versa). No signal conversion is involved so only a 
simple passive cable with appropriate connectors on each end is required. 


A Thunderbolt to DVI-I adapter. (Image © 123RF.com.)


VIDEO CARDS 


The video card (or graphics adapter) generates the signal to send to the monitor or 
projector. The video card may make use of the system CPU and memory, but most 
add-in cards are highly sophisticated pieces of equipment, essentially computers in 
their own right. 


Note: Be aware that the terms video, graphics, and display are used interchangeably to 
refer to these adapters (or cards). 


Low-end graphics adapters are likely to be included with the motherboard chipset or
as part of the CPU itself. This is also referred to as an onboard adapter. If a computer
is to be used for 3D gaming, Computer Aided Design (CAD), or digital artwork, a better
quality adapter is required. This can be installed as an add-on card via a PCIe slot.
Most graphics adapters are based on chipsets by ATI/AMD (Radeon chipset), NVIDIA
(GeForce and nForce chipsets), SiS, VIA, and Intel.


ADAPTER COMPONENTS 


The core of a video adapter is the Graphics Processing Unit (GPU). This is a 
microprocessor like the CPU, but designed and optimized for processing instructions 
that render 2D and 3D images on-screen. High-end cards are differentiated based on 
the following features: 


* Clock speed—as with the CPU, the clock speed is the basic measure of 
performance, but the internal architecture (pipeline) of the GPU is another 
important factor. 

* Shader units—support the special effects built into games and other software. 
These units perform calculations that allow for 3D shading, realistic shadows and 
lighting, surface textures, translucency, and so on. 

* Frame rate—the basic test for a GPU is the frame rate it can produce for a
particular game or application. 25 fps is about the minimum to make a game 
playable. 


3D cards need a substantial amount of memory for processing and texture effects. A 
dedicated card may be fitted with up to 12 GB GDDR RAM at the high-end; around 2 GB 
would be more typical of current mid-range performance cards. The width and speed 
of the memory bus between the graphics RAM and GPU are also important. Low end 
cards use shared memory (that is, the adapter uses the system RAM). Some cards may 
use a mix of dedicated and shared memory. 


Note: Graphics Double Data Rate (GDDR) memory technology is similar to the DDR modules
used for system RAM.


Most modern cards use a PCIe x16 interface. Dual cards, using two (or more) slots, are
also available. With NVIDIA cards, this is accomplished using Scalable Link Interface 
(SLI); AMD/ATI dual cards are branded CrossFire. 


SUPPORT FOR DISPLAY INTERFACES 


Modern cards will support at least one digital interface (DVI, HDMI, DisplayPort, or 
Thunderbolt). Some cards may support other interfaces, such as VGA, but such 
support for analog display interfaces is increasingly unlikely. Having multiple 
connectors on the card also allows for the attachment of multiple display devices, even 
if the connectors are different types. 


A video/graphics card with DisplayPort, HDMI, and DVI-I ports. (Image © 123RF.com.)


GRAPHICS APIs 

To work with 3D games and design applications, graphics cards need to be compliant 
with the specified version of one of the major graphics application programming 
interfaces (APIs): 


* DirectX®—Microsoft's specification. DirectX also specifies sound and multimedia 
APIs. 
* OpenGL®—developed by Silicon Graphics.


CONFIGURATION TOOLS FOR DISPLAY DEVICES 


Once the adapter card has been installed and the monitor connected via a suitable 
cable, Windows should detect the devices and make them available for use via Plug 
and Play. 


If the computer has an onboard adapter, you may need to disable it via the system 
setup (BIOS) program after installing an add-on card. In some cases though, the utility 
supplied with the adapter will support selecting the default input and specifying use of 
a particular adapter for a particular task or process. 


Basic display settings, such as the resolution, can be configured via a built-in operating 
system tool, such as Windows Settings or Windows Control Panel. Alternatively, an 
adapter card might ship with a dedicated management utility. You would normally 
access this via an icon in the notification area. 


Intel utility for configuring graphics properties.


You may also need to use controls on the monitor itself to adjust the image or select 
the appropriate input channel. For example, if there is no image on the screen, check 
that the monitor is set to use the HDMI port that the computer is connected to, rather 
than an empty DVI port. These On-Screen Display (OSD) menus are operated using 
buttons on the monitor case. As well as input control, you can usually find settings for 
brightness, color/contrast, and power saving. 


MULTIPLE DISPLAYS 


A computer can be set up to use two (or more) display devices. In terms of hardware, 
the PC requires a graphics adapter with multiple display ports, multiple graphics 
adapters, or monitors with input and output DisplayPort or Thunderbolt connectors 
for daisy-chaining. 


Note: The adapter and monitors must support Multi-Stream Transport (MST) to use daisy 
chaining. To set up the chain, connect the first cable from the graphics adapter port to 
the "IN" port on the first monitor. Connect a second cable from the "OUT" port on the 
first monitor to the "IN" port on the second monitor. 


Dual monitors can be used in one of three modes, configured via Windows display 
properties: 


* Display the same image on both devices—select the Duplicate these displays
option (this mode is useful for delivering presentations).

Configuring dual monitors in Windows 10 to duplicate the display. (Screenshot used with
permission from Microsoft.)

* Display the desktop over both devices—select Extend these displays (this mode
makes more screen "real estate" available and is useful for design, publishing, and
programming work). Drag the displays in the box to position them correctly. You
can put them to the left and right or above and below one another.

Configuring dual monitors in Windows 10 to extend the display. (Screenshot used with permission
from Microsoft.)

* Display the desktop on one device only—select either Show only on 1 or Show
only on 2.


Note: In Windows 10, you can select a multi-monitor mode quickly using Windows + P. 
This causes a prompt to appear on the right side of the primary display listing the 
options PC screen only, Duplicate, Extend, and Second screen only. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information
and job aids on How to Install and Configure Display Devices.


Activity 2-1


Discussing Display Device Installation 
and Configuration 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Look at the following exhibit. 


What two types of display cabling can be connected to this laptop? 


2. Which ports are present on the graphics card shown below? 


3. Which interfaces does the adapter cable shown below support? 


4. A customer is shopping for a computer game for her daughter and wants to
know if you can explain the reference to "DirectX" on the packaging?


5. You are configuring two monitors in extended desktop mode.


What should you configure in the Display dialog box?


Activity 2-2


Installing a Graphics Adapter 


BEFORE YOU BEGIN 


What you do in this activity will depend on the components available to you. Check 
with your instructor which of the following steps you should perform. 


You will perform this activity on your WORKBENCH PC. 


SCENARIO 


A common upgrade on machines used for playing games or doing Computer Aided 
Design or graphics intensive work is to upgrade the graphics adapter. Another upgrade 
that can be performed is to add a second adapter to the system so that two monitors 
can be used. This requires that both adapters support dual displays. 


1. Record information about the graphics adapter make and model currently
installed, including the driver version.

a) Start and log on to the PC then press the Windows+X keys and select Device
Manager.

b) In Device Manager, expand the Display adapters node, and record the installed
adapter name.
* Adapter make and model:
If there are multiple display adapters, record information about all of them.

c) Right-click the adapter and select Properties. Select the Driver tab, then record the
Driver Provider and Driver Version information.
* Driver provider:
* Driver version:
Again, if there are multiple display adapters, do this for each of them.


2. Access the PC's internal components safely. 
a) Shut down the PC and then disconnect the power cable and all peripheral cables. 
Take the usual ESD precautions. 
b) Remove the system case cover. 


3. Complete this step or one of the next two steps, as suggested by your instructor. 
a) If your system has onboard graphics, identify a free expansion slot that will 
accommodate the type of adapter you are installing. 
b) Remove the blanking plate from the slot.


c) Insert the card into the slot, checking carefully to make sure that it is properly seated 
and that any locking catches are in place. 


4. Complete this step, the previous step, or the next step, as suggested by your 
instructor. 


a) Remove your existing adapter (remember that there may be a plastic clip to release 
as well as the mounting screw). 


b) Swap adapters with a classmate, and install the new one. 


5. Complete either this step or one of the previous steps, as suggested by your
instructor. 
a) Install a second graphics adapter alongside your existing one. 


A second graphics adapter can be installed so that two monitors can be used at the 
same time. This type of setup is favored by graphics professionals where having lots 
of screen "real estate" is extremely productive. It can also be used with presenting 
software. 


Note: Another use for twin adapters is for high performance gaming systems 
where two cards are installed to double performance. Another dual-monitor 
option is to obtain a "multi-head" card with two or more outputs. 


6. Verify the installation and configure display settings. 

a) Close the system case. 

b) Reconnect the peripheral devices. When connecting the display, make sure you
connect the cable to a display port on the new adapter, if you installed a second
adapter alongside an integrated one or existing card.

c) Reconnect the power cable and start the PC.

d) When the PC reboots, the new adapter should be detected automatically. If it is not, 
install the driver software that comes with the card. 

e) Right-click the Desktop and select Display settings. Select the Advanced display 
settings link, and record the following information: 

* Refresh rate: 
* Bit depth: 

f) Select the Display adapter properties link. Record the following information: 

* Chip type: 
* Total Available Graphics Memory: 
* Dedicated Video Memory: 

g) Select List All Modes to list the combinations of resolution and refresh rate 
supported by the monitor. 

h) Select Cancel to close each dialog box. 

i) In the Settings app, select the Back button. 

j) Experiment with different text DPI settings by using the Change the size of text list 
box. 

These are useful on very high resolution monitors where the on-screen menus can
look very small at the default setting (96 dpi).


k) If you installed a second display adapter, configure the display across the two
monitors, experimenting with the options available. When you have finished, set the 
display back to one monitor. Disconnect the second monitor and connect it back onto 
the other PC. 


7. At the end of the activity, if you installed a second adapter, open the computer
and remove it then hand it back to your instructor. Revert any other changes as
suggested by your instructor.


Topic B


Troubleshoot Display Devices 


EXAM OBJECTIVES COVERED 
A 1001-5.4 Given a scenario, troubleshoot video, projector, and display issues. 


As well as installing and configuring display devices, you also need to know how to 
identify and resolve issues related to using them. 


COMMON DISPLAY ISSUES 


Common display issues include: 


* No image is displayed on the monitor.
* Image is dim.
* Image flickers or is distorted.
* Images have low resolution or color depth.
* Images and icons are oversized.
* Incorrect color patterns.
* Dead pixels.
* Image is burned into the monitor.
* Unexpected objects or patterns appear on the monitor.
* Overheating.
* Protected content.


GUIDELINES FOR TROUBLESHOOTING DISPLAY DEVICES


Note: All of the Guidelines for this lesson are available as checklists from the Checklist
tile on the CHOICE Course screen.


Here are some guidelines to follow to help troubleshoot display devices. 


TROUBLESHOOT DISPLAY CONFIGURATION ISSUES 


Follow these guidelines when you are troubleshooting display device configuration 
issues: 


* No image. If no image is displayed on the monitor, try these actions:

    * Make sure that the monitor is plugged in and turned on. Check that the monitor
      is not in standby mode (press a key or cycle the power to the monitor to activate
      it).

    * Check the connection between the video card and monitor. Make sure the cable
      is connected securely at both ends and is not loose. Make sure that the cable has
      not become stretched or crimped. If there are dual display ports, check that the
      cable is connected to the right port.

    * If the monitor supports different display inputs (VGA and HDMI, for instance),
      check that it is switched to the correct one using the On-Screen Display (OSD)
      controls.

    * Try the monitor with a different PC and see if it works.

* Dim image. If the image is dim, check the brightness and contrast controls to make
sure they are not turned all the way down. It is possible that a power saving mode is
dimming the display. It is also possible that an adaptive brightness, auto-brightness,
or eye-saving feature of the device or operating system has been enabled. These
reduce brightness and contrast and can use lower blue light levels. This type of
feature might activate automatically at a certain time of day or could use an
ambient light sensor to trigger when the room is dark.

* Image quality. If there is a problem with image quality, such as a flickering or
misshapen image or missing colors, try these actions:

    * Check the video cable and connector. If the connector is not securely inserted at
      both ends, this could cause flickering. If a pin is bent and not lining up with the
      video card connector, this can cause a missing color. If the cable is poor quality,
      higher resolutions may not be supported.

    * If video playback does not work, try lowering or disabling hardware acceleration
      (using the slider on the Troubleshoot tab). If this solves the problem, check for
      an updated display driver.


Configuring scaling on a Windows 10 PC. (Screenshot used with permission from Microsoft.)

    * Increasing DPI makes text larger at a particular resolution. This is useful for flat
      panels that support high native resolutions (using a lower interpolated
      resolution would make the display "fuzzy"). However, this can cause graphics
      rendering problems with older software. Also, Windows may set a high DPI
      automatically when using a high resolution display device.

    * If using a CRT monitor, check refresh rate and resolution settings for the video
      driver. If resolution is too high or refresh rate is too low this can cause the screen
      to flicker. On a TFT, check that there is no problem with the backlight.

The screen refresh rate setting is located under Advanced Display Properties on the Monitor
tab. (Screenshot used with permission from Microsoft.)

    * If a CRT image geometry is distorted (a pincushion effect where the edges
      appear to bulge, for instance), try adjusting the monitor's image control knobs.

    * If a TFT image is distorted, check that the panel has not been bent or physically
      damaged.

    * If a projector image is distorted, try to ensure the projector lens is lined up with
      the display screen or whiteboard. The position of the lens within the projector
      may be adjustable using a knob or dial. If the lens is above or below the screen,
      there may be a keystone effect where the top of the image is wider or narrower
      than the bottom. If the projector or lens cannot be repositioned, there may be a
      keystone correction control, accessed via the OSD menu, that allows you to
      adjust the digital image to compensate for this.

* VGA mode. If there is a problem with low resolution or color depth:

    * Low resolution or color depth (VGA rather than SVGA) can make the image look
      blocky or grainy.

    * If a computer boots in VGA mode without this being specified in the boot
      configuration, check the display driver.

Note: Windows 10 does not actually support VGA resolution anymore. The minimum
resolution is SVGA (800x600).

* Oversized images and icons. If images and icons appear oversized:

    * One way for screen objects to look "too large" is to use a low resolution, such as
      VGA.

    * Another way is to use a high DPI scaling setting, as described previously.

    * You should also check whether a zoom tool is in use. Windows comes with
      accessibility features to allow the screen to be magnified. A user might
      unwittingly activate the screen magnifier (especially if it is configured with a hot
      key activation) and not know how to turn it off.


A user may not realize that the Magnifier tool is activated. (Screenshot used with permission
from Microsoft.)


* Color issues. If there is a problem with color:

    * If a computer is used to produce digital art, it is very important that the display
      be calibrated to scanning devices and print output. Color calibration (or
      workflow) refers to a process of adjusting screen and scanner settings so that
      color input and output are balanced. Color settings should be configured with
      the assistance of a color profile. You can use the Color Management applet in
      Control Panel along with test card color patterns and spectrophotometers to
      define a color profile and verify that the display matches it.

Display Color Calibration utility in Windows 10. (Screenshot used with permission from
Microsoft.)

    * You may also come across color glitches, such as purple or green horizontal lines
      or colors changing unexpectedly. These are usually caused by a faulty or loose
      connector or cabling that is either faulty or insufficient quality for the current
      image resolution. Try replacing the cable. If this does not fix the issue, there
      could be a hardware fault.


Note: On a laptop, one simple test is to check whether the problem manifests on both 
the built-in display and on an external monitor. If the problem only appears on the 
external monitor, suspect the cable or connector/port. 


TROUBLESHOOT ADAPTER AND MONITOR FAULTS 

Many display problems are caused by errors in configuration, but you must also be 
alert to the possibility of hardware faults in the graphics adapter or monitor. In 
addition to the possible effects of a faulty cable or connector, be aware of these issues 
and possible solutions: 

* Dead pixels. If you have dead pixels:

    * Defects in a flat panel monitor may cause individual pixels to be "stuck" or
      "dead." If a TFT panel has stuck (constantly bright) pixels, and the panel cannot
      be replaced under warranty, there are software utilities available to cycle the
      pixel through a series of relatively extreme color states to try to reactivate it.

Note: Many vendors stipulate that they will only replace a screen if the number of
manufacturing defects exceeds a stated threshold.

    * Fixed pixels can also sometimes be reactivated by gently pressing or tapping the
      affected area of the screen with a stylus or pencil eraser, though there is the risk
      of causing further damage or scratching the screen. Dead pixels (solid black)
      cannot usually be fixed.
Burn-in. If you have burn-in: 


* Burn-in is where a static image is displayed for so long that the monitor's picture 
elements are damaged and a ghost image is "burned" permanently onto the 
display. Older monitors were highly prone to burn-in, which is why most 
operating systems include the option for an automatic screen saver to activate 
after so many minutes of inactivity.

* Modern flat panel monitors are not so susceptible to burn-in, though it is still
worth using a screen saver or power saving mode just in case. Some plasma
screens are vulnerable to burn-in and additional care should be taken when
using a consumer TV device as a display screen.

* Artifacts. There are two main sources of unexpected objects or patterns appearing
on the screen.


* If the artifacts are "static" and completely out of context with their surroundings,
the likelihood is that the cause is a faulty adapter.

* Some TFTs can suffer from "image persistence," where the crystals become 
slightly less responsive because they have been left in the same state for an 
extended period. The problem can usually be solved by turning off the display 
for a few hours. 

* In terms of 3D graphics performance and possible motion trails or slowdown
(especially with computer games), you need to ensure the card is one that is
capable of playing the game and that the latest driver and version of DirectX are
installed.

* If there are still issues with frame rates (the speed at which images are
displayed), try disabling video effects or using a lower resolution.

* Make sure that you are using the correct (and latest) drivers for your video card. 
The FAQs will list any issues with particular applications that the driver 
addresses. 

* Unexpected shutdowns. If you are experiencing unexpected shutdowns:


* A faulty display adapter or display adapter driver is a common cause of STOP
errors, or Blue Screens of Death (BSoD). If the problem occurs only in specific
circumstances, the fault could lie in some sort of compatibility issue between the
driver and a particular program (typically a 3D game).

* If the problem occurs more randomly or at bootup, the issue is more likely to be
a fault in the adapter itself. 3D graphics cards come bundled with high
performance GPUs and memory and as such are prone to overheating,
especially in laptops. Make sure the system is being adequately cooled as
prolonged overheating will cause permanent damage to the card.

* Protected content. If you encounter an error that indicates unauthorized content
or an HDCP error:


* DVI, HDMI, DisplayPort, and Thunderbolt all provide support for the Digital 
Rights Management (DRM) mechanism High-bandwidth Digital Content 
Protection (HDCP). HDCP allows a content source (such as a Blu-ray disc) to 
disable itself if the display adapter and monitor and/or speaker system do not 
support HDCP and fail to authenticate themselves with the playback source. 
There have been various iterations of HDCP (at time of writing the current 
version is 2.2) and backward-compatibility can be problematic as authentication 
may fail between devices that support different versions of the standard.


Activity 2-3


Discussing Display Device Troubleshooting


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Imagine that the display you installed is not showing the color blue. Which
component(s) would you prioritize for fault-finding?


2. What is the most likely cause of a flickering display? 


3. What would you do if the image from a projector appeared narrower at the 
top than at the bottom? 


4. You need to set up a system to show content-protected video. Which display
connector types would be suitable?


Activity 2-4


Troubleshooting Monitor Issues 


BEFORE YOU BEGIN 


Your instructor has altered the display settings for your monitor. The computer is 
running and the lock screen is displayed. 


This activity will be performed on your WORKBENCH PC. 


SCENARIO 

An employee recently had to move the location of his workstation. The employee 
reports that, since the move, the display does not appear in the center of the monitor. 
The images are too dark, making them difficult to see, and he cannot see as much on 
the screen as he would like. The employee needs you to resolve these issues so that he 
can get back to work. 


1. Log onto Windows, and examine the video output. 


2. Adjust the monitor display. 
a) Referring to the monitor's documentation as necessary, locate the physical controls 
or On Screen Display (OSD) menu to adjust the brightness of the display image. 
b) Adjust the brightness so that the monitor is comfortable to view. 
c) Adjust the contrast so that you can view all the screen elements easily. 


3. Change the resolution. 


a) To open the Screen Resolution window, if you are using a Windows 7 computer, 
right-click the desktop and select Screen resolution. If you are using a Windows 10 
computer, right-click the desktop and select Display settings. 


b) In the Resolution section, select the current resolution to display the drop-down list.

c) In the Screen Resolution window, select the appropriate resolution.

d) If you are using Windows 7, select OK.

e) In the Display Settings message box, select Keep changes to set the new resolution.


4. Adjust the horizontal and vertical positions of the image. 
a) Referring to the documentation as necessary, locate the controls to adjust the size 
and centering of the display image. 


b) Adjust the vertical display position so that the display is centered top-to-bottom on 
the screen. 


c) Adjust the horizontal display position so that the display is centered side-to-side on 
the screen. 


d) Adjust the height and width of the image so that there is either no border or the 
smallest border allowed.


Topic C


Install and Configure Multimedia Devices 


EXAM OBJECTIVES COVERED 
1001-3.6 Explain the purposes and uses of various peripheral types.


Multimedia refers to devices used to play and record audio and video from different 
inputs and outputs. You will need to be able to support a wide range of multimedia 
devices, including speakers, microphones, headsets, and cameras. 


AUDIO SUBSYSTEMS 


A computer's audio subsystem is made up of a sound card (to process audio signals 
and provide interfaces for connecting equipment) and one or more input (microphone) 
and output (speaker) devices. 


SOUND CARDS 


The basis of a sound (or audio) card is the Digital Signal Processor (DSP) chip, which 
contains one or more Digital-to-Analog Converters (DACs). DACs convert the digital 
signals generated by the CPU to an analog electrical signal that can drive the speakers. 
The DSP also provides functions for playing digital sound (synthesis) and driving MIDI 
compatible devices. The quality of audio playback is determined by the card's 
frequency response, which is the volume that can be produced at different 
frequencies. 


A basic sound chip may be provided as part of the motherboard chipset, but better 
quality audio functions can be provided as a PCI or PCIe expansion card, or as an
external adapter connected by USB. Pro-level cards may also feature onboard 
memory, flash memory storing sound samples (wavetables), and multiple jacks for 
different input sources. 


Note: Locating recording functions within the computer case creates lots of problems 
with noise. Consequently, most audio interfaces designed for professional use are now 
external units connected via USB or Thunderbolt. 


As with graphics cards, sound cards are designed to support sound APIs. Cards 
designed for use with Windows should support Microsoft's DirectSound3D (part of 
DirectX). Cards designed for use with games should also support OpenAL and EAX,
which provide extensions to DS3D for special sound effects. 


Creative, Terratec, RealTek, and Turtle Beach are the most notable vendors of 
consumer sound cards, while M-Audio, RME, and Apogee are noted for their 
professional-level cards. 


AUDIO CONNECTORS 


Most audio connectors are 3.5 mm (⅛ inch) mono or stereo jacks (also referred to as
phone plugs or mini TRS [Tip, Ring, Sleeve] connectors). A standard sound card will
have several of these for different equipment.


Audio jacks on a sound card. (Image © 123RF.com.)


Jack                      Description

Audio in (light blue)     Audio in (or line in) is a low-level (1V) stereo signal as
                          supplied by most tape decks, video players, tuners, CD
                          players, and so on.

Microphone input (pink)   This is generally a mono-only analog input.

Audio out (lime)          Audio out (or line out) is a low-level (1V) analog stereo signal
                          suitable for feeding into amplified speakers or headphones.

Audio out (black)         Carries the signal for rear speakers in a surround sound
                          system.

Audio out (orange)        Carries the signal for the subwoofer in a surround sound
                          system.


Higher end sound cards will include a Sony/Philips Digital Interface (S/PDIF) jack.
S/PDIF can either use coax cabling with RCA (or phono) connectors or fiber optic
cabling and connectors, which can either be in a square form factor (TOSLINK) or use
3.5mm jacks. S/PDIF is most often used to carry digital data for surround-sound
speaker systems.


A TOSLINK connector and port. (Image © 123RF.com.)


Note: RCA connectors are distinguished by a collar surrounding the connector, which
makes the fit between plug and socket more secure. 


AUDIO OUTPUT DEVICES 


Audio playback is achieved via speakers or headphones, which are connected to the 
sound card via an analog or digital audio jack. Both analog and digital speakers are 
available (or speakers may support both analog and digital inputs). 


Sound cards supporting multiple output channels with an appropriate speaker system 
can provide various levels of playback, from mono (on legacy systems) or stereo to 
some type of surround sound. Surround sound uses multiple speakers positioned 
around the listener to provide a "cinematic" audio experience. 


* A 5.1 digital system (Dolby Digital or Digital Theater System [DTS]) has three front
center, left, and right speakers, two left and right rear speakers, and a subwoofer
for bass sounds.

* A 7.1 system (Dolby Digital Plus or DTS-HD) has two extra side speakers.

A speaker system will usually have controls for adjusting volume, bass, and treble plus
optionally EQ or preset sound effects.


Note: A sound card will also feature internal channels (or voices). These represent the 
number of sounds that the card can play and mix at once (polyphony). This is important 
for music recording and working with sound effects used by some games. 


Note: Most graphics adapters support audio over HDMI (or Thunderbolt), allowing
surround sound output without a separate connection to a sound card. An HDMI cable
would be connected from the graphics adapter port to the TV and then the TV would be
connected to the surround sound speaker system.


Surround sound configuration for a home theater. (Image © 123RF.com.)


MIDI EQUIPMENT


As well as playing sound via speakers, a card supporting Musical Instrument Digital 
Interface (MIDI) functions can be used to control MIDI equipment (such as a 
synthesizer or drum machine). 


Instead of exchanging the sound wave, the devices exchange information about how to 
play a sound, in terms of sample (a sound pattern stored in a wavetable), volume, 
pitch, tempo, and so on. For example, you could use a keyboard to play with samples 
stored on the PC or use sequencing software to program a drum machine. 


MIDI devices use 5-pin DIN connectors or USB connectors. 


SOUND RECORDING EQUIPMENT 


To record an analog sound wave, the sound card must sample the wave. The sampler 
divides the wave up into a number of slices per second (sampling rate) and records 
information about each slice (resolution). The higher the sampling rate (measured in 
Kilohertz [KHz]) and resolution (measured in bits), the better the representation of the 
source is. CD-quality audio is sampled at 16-bit/44.1 KHz, but professional cards may 
sample at 24-bit/192 KHz or better. 


The card's circuitry and cabling introduce some degree of noise or distortion into the 
sampled audio. Noise levels are measured using Total Harmonic Distortion (THD) 
and Signal-to-Noise Ratio (SNR). THD is measured as a percentage and SNR in
decibels (dB). For both, smaller values represent better performance. 


Note: When using a PC to record music, the acoustic performance of components such
as the hard drive and fans is very important, so as not to cause interference with analog
inputs. Locate an internal sound card in the slot farthest from any other components.


A sound card can be fitted with several ports to connect different types of recording 
equipment. 


HEADSETS 


A headset combines headphones and a microphone in a single device. They are 
mostly used with Voice over IP (VoIP) calling, meeting, and conferencing applications. 
Most headsets are connected to the computer via a USB port or via a wireless 
interface, such as Bluetooth®. 


AUDIO SETTINGS 


To set up the audio subsystem, connect the microphone, headset, or speakers to the 
appropriate ports on the card or motherboard. Use the Sound applet in Control Panel 
or Windows Settings to test the hardware and configure settings.


Using Sound settings in Windows 10 to configure the audio output and input devices. (Screenshot used
with permission from Microsoft.) 


If you have multiple devices connected at the same time, you can choose the defaults
here and test levels for audio input and output.

If you have a multimedia keyboard, there are usually keys on that for adjusting the
volume. Also, laptops have push-buttons and special function (Fn) keys to adjust the
volume.


In Windows, use the Speakers icon in the Notification Area to control the volume and 
switch between playback devices. 


Windows volume control. (Screenshot used with permission from Microsoft.)


WEBCAMS


Webcams record video images using a CMOS or CCD sensor and usually feature a 
microphone to record audio. Most webcams now support HD recording but may come 
with quite low quality lenses and record at up to about 30 frames per second (fps).
Higher quality devices for professional recording and 4K resolution are available. 
Webcams are used for online video conferencing, as feeds for websites, and as 
surveillance devices. 




Built-in and USB-attached webcam options. (Image © 123RF.com.) 


Webcams can be built into a laptop computer chassis or connected as a peripheral 
device via an external USB port. Some webcams may come with Wi-Fi networking 
functionality. 


Note: With webcams—and especially built-in webcams—it is important to enforce app 
permissions to prevent privacy abuses. While an application such as a browser might
need to use the webcam for video conferencing from a particular service provider, that
does not mean that other websites should be able to activate the camera. 


DIGITAL CAMERAS 


Digital cameras are primarily still cameras, though many can record HD video too. 
They record an image using a light-sensitive CCD or CMOS array and store it on digital 
media (a flash memory card). Properties of 35 mm film, such as ISO sensitivity, can be 
set through software. Digital compact cameras dispense with traditional viewfinders 
and allow the user to compose each shot using a preview image on an LCD display
screen. In other respects, digital cameras have the same features and functions as film
cameras. 


From left to right: A compact action camera, a DSLR digital camera. (Image © 123RF.com.) 


The digicam market is divided into consumer models (replicating the features of 
compact 35 mm film cameras), professional Digital Single Lens Reflex (DSLR) models 
(preserving the traditional viewfinder method of picture composition and supporting 
replaceable lenses and manual adjustments), and prosumer models (ranging from 
high end compacts to entry-level DSLRs). Additionally, smartphones and tablets now 
come with a camera function. 


Note: There are also mirrorless cameras, which support interchangeable lenses but do 
not use an optical viewfinder. 


Apart from its lens, shutter speed, and feature set, the basic quality measurement of a 
digital camera is its resolution, expressed in megapixels (MP). The following table lists 
the best output that can be expected from images of a particular resolution. 


Resolution              Uses

Less than 1 MP          On-screen viewing only.
1 to 2 MP               On-screen viewing and small prints (up to about 7 inches).
3 MP                    Larger prints (up to about 12 inches, or letter sized).
4 to 8 MP and higher    Poster prints (30 inches and larger).


Note: In point of fact, image resolution is now less important than the physical size of the
sensor. Compact digicams support high resolution but have tiny sensors, while DSLRs
have high resolution and larger sensors (the best quality have a "full frame" sensor; the
same size as a frame of 35 mm film).


Another important factor is the type of memory card used by the camera. Cameras can 
only use one type of card. Most cameras convert images to compressed (JPEG) file 
format to save space. JPEG is a lossy compression algorithm, meaning that even at the 
highest quality setting, some image information is discarded. Professional and 
prosumer models can typically record uncompressed (RAW) data, but this requires 
about 2-3 times as much space per picture. 


Picture files can be transferred to a PC using the removable memory card or the 
camera can be connected directly using USB or (on some models) over Wi-Fi wireless 
networking. Many printers also support memory card slots or connectivity for direct 
printing from a camera without requiring a PC.


Activity 2-5


Discussing Multimedia Device Installation and Configuration


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What size and color connector would you look for to plug a basic 
microphone into a PC? 


2. You have installed a new sound card in a computer designed for home 
entertainment. What type of connector would you use to connect a digital 
surround sound speaker system to the new card? 


3. What type of speaker unit is the ".1" in a 5.1 or 7.1 surround sound system 
and where do you suggest this speaker be placed? 


4. What type of interface would allow a software program running on the PC to 
operate a synthesizer connected as a peripheral device? 


5. What sampling rate from a sound card would you require if you want to be 
able to record CD-quality sound?


Summary


In this lesson, you supported display and multimedia devices by installing, configuring, 
and troubleshooting them. It is likely that you will be called upon to support display 
devices often as a computer technician. 


What types of monitors do you have experience with? What types of connections 
have you used to connect those monitors to computers? 


In your current job role, have you had to troubleshoot display device problems? 
If so, what did you do and how did you resolve the issues? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile.


Lesson 3


Installing, Configuring, and Troubleshooting Storage Devices


LESSON INTRODUCTION 


As a computer technician, your responsibilities are likely to include installing and maintaining 
many different types of computer components, including storage devices. By identifying the 
various types of storage devices that can be found in most personal computers, you will be better 
prepared to select, install, and maintain storage devices in personal computers. 


Data storage comes in a variety of types and sizes and for different purposes. Temporary data 
storage in RAM and permanent storage on hard disk drives, optical drives (CD/DVD/Blu-ray™), and 
flash memory drives and cards are the main types of storage you will encounter. 


LESSON OBJECTIVES 

In this lesson, you will: 

* Install system memory. 

* Install and configure mass storage devices.

* Install and configure removable storage devices. 
* Configure RAID. 


* Troubleshoot storage device issues.


Topic A


Install System Memory 


EXAM OBJECTIVES COVERED 
1001-3.3 Given a scenario, install RAM types.


Just as some people say you can never be too rich, you can never have too much 
memory. Adding memory is one of the simplest and most cost-effective ways to 
increase a computer's performance, whether it is on a brand-new system loaded with 
high-performance applications or an older system that performs a few basic tasks. 


SYSTEM MEMORY 


System memory is the main storage area for programs and data when the computer 
is running. System memory is a type of volatile memory called Random Access Memory 
(RAM). System memory is necessary because it is much faster than accessing data in a 
mass storage system, such as a hard disk. System memory provides a fast storage 
medium for the operating system and applications but it is volatile, meaning that data 
cannot be stored without a power supply.


CPU, cache, and RAM are fast but volatile; mass storage and removable storage devices provide slower
but permanent data retrieval. (Image © 123RF.com.)


Note: Non-volatile memory does not require a constant power source to store data.
Examples include read-only memory (ROM) and flash memory. 


A large quantity of system memory is essential for running a PC. It determines its 
ability to work with multiple applications at the same time and larger files. Each new 
generation of software tends to take up more memory space. If there is not enough 
system RAM, the memory space can be extended by using disk space (virtual memory), 
but as noted previously, accessing the disk is very slow compared to accessing RAM. 


RAM TYPES 


Several different RAM technologies have been used for system memory in PCs over the 
years. 


RAM Type                    Description

Dynamic RAM (DRAM)          DRAM stores each data bit as an electrical charge within a
                            single bit cell. A bit cell consists of a capacitor to hold a charge
                            (the cell represents 1 if there is a charge and 0 if there is not)
                            and a transistor to read the contents of the capacitor.

                            The electrical charge gradually dissipates, causing the
                            memory cell to lose its information. In order to preserve the
                            information, dynamic memory has to be refreshed
                            periodically by accessing each bit cell at regular intervals. The
                            refresh cycles slow down the operation of DRAM but it
                            supports high densities (more MB per memory module) and
                            is relatively low cost.

                            Many types of DRAM have been developed and become
                            obsolete.

Synchronous DRAM (SDRAM)    In the mid-1990s, variants of SDRAM were used for system
                            memory. SDRAM is so-called because it is synchronized to the
                            system clock. It has a 64-bit data bus. Consequently, if the bus
                            is running at 66 MHz, the bandwidth available to an SDRAM
                            memory controller is 66.6*64 or 4266 megabits per second.
                            Dividing by 8 gives the bandwidth in megabytes per second
                            (533 MBps).


Some notable RAM vendors include Kingston®, Crucial™ (Micron), Corsair, PNY, and
Integral™.


DDR SDRAM


Double Data Rate SDRAM (DDR SDRAM) is an updated type of SDRAM (released to 
market in 2001) where data is transferred twice in one cycle ("double-pumped"). There 
are four DDR standards, matching different system clock speeds. 


RAM Type           Memory Clock (MHz)   Bus Clock (MHz)   Data Rate (MT/s)   Transfer Rate (Gbps)
DDR-200/PC-1600    100                  100               200                1.6
DDR-266/PC-2100    133                  133               266                2.1
DDR-333/PC-2700    167                  167               333                2.7
DDR-400/PC-3200    200                  200               400                3.2


SDRAM is referred to by the bus clock speed (PC100, PC133, and so forth). DDR chips 
are labeled using the maximum theoretical bandwidth (PC1600, PC2100, and so on) 
largely for marketing reasons. For example, consider DDR-200 PC-1600 memory: 


* The internal memory clock speed and I/O bus speed are both 100 MHz. 

* The data rate is double this as there are two operations per clock "tick." This is 
expressed in units called MegaTransfers per Second (200 MT/s). This gives the 
DDR-200 designation. 

* The peak transfer rate is 1600 MBps (200 MT/s x 8 bytes per transfer). This gives the 
"PC-1600" designation. 1600 MBps is equivalent to 1.6 GBps. Note that the peak 
transfer rate does not represent "real world" performance; it is a maximum 
theoretical rate. 


DDR2/DDR3/DDR4 SDRAM 


DDR has been superseded by DDR2 (from 2003), DDR3 (from 2007), and DDR4 (from 
2014) SDRAM. These increase bandwidth by multiplying the bus speed, as opposed to 
the speed at which the actual memory chips work. This produces scalable speed 
improvements without making the chips too unreliable or too hot. 


The drawback is increased latency, as data takes longer to access on each chip. Latency 
is offset by improving the memory circuitry. 


RAM Type   Memory Clock (MHz)   Bus Clock (MHz)   Data Rate (MT/s)   Transfer Rate (Gbps)
DDR2       100 to 266           200 to 533        400 to 1066        3.2 to 8.533
DDR3       100 to 266           400 to 1066       800 to 2133        6.4 to 17.066
DDR4       200 to 400           800 to 1600       1600 to 3200       12.8 to 25.6


The following represent specific examples of DDR standards: 


* DDR2-1066/PC2-8500—the memory works at 266 MHz and the bus at 533 MHz,
which with the double data rate gives 1066 MT/s and nominal transfer rate of 8.533 
GBps. This is the best available DDR2 standard. 

* DDR3-1600/PC3-12800—the memory works at 200 MHz and the bus at 800 MHz,
which with the double data rate gives 1600 MT/s and nominal transfer rate of 12.8 
GBps. 

* DDR4-1600/PC4-12800—the memory works at 200 MHz and the bus at 800 MHz, 
which with the double data rate gives 1600 MT/s and nominal transfer rate of 12.8 
GBps. The only advantage over DDR3-1600 is the lower voltage, reducing power 
consumption. 

* DDR4-2400/PC4-19200—the memory works at 300 MHz and the bus at 1200 MHz, 
which with the double data rate gives 2400 MT/s and nominal transfer rate of 19.2 
GBps, exceeding anything available for DDR3. 


Note: Clock speeds ending 33 or 66 are usually rounded down; technically they are 33⅓
and 66⅔. In the case of DDR2-667, the memory manufacturers just didn't like the look of
"DDR2-666" so they rounded up.


Note: When specifying high performance RAM you may want to compare the
performance timings. These are quoted as a series of numbers in the form 5-5-5-15. Each
number represents a different timing statistic. The lower the numbers, the better the
performance. Each DDR standard has timing variants. For example, DDR3-1333G has
8-8-8-12 timing, whereas DDR3-1600G8 has 8-8-8-10 and DDR3-1600K has 11-11-11-13.
More information on SDRAM standards can be obtained from jedec.org.


Note: You may also come across GDDRx memory, which is a type of DDRx optimized for
use on graphics cards.


MEMORY MODULES 


A RAM module, or memory module, is a printed circuit board that holds a group of 
memory chips that act as a single unit. Memory modules reside in slots on the 
motherboard, and they are removable and replaceable. Memory modules are defined 
by their design and by the number and type of chips they contain. 


DUAL INLINE MEMORY MODULES 

DDR for desktop system memory is packaged in 184-pin Dual Inline Memory Modules
(DIMMs). The notches (keys) on the module prevent it from being inserted into a slot 
the wrong way around. 


SDRAM packaged in 168-pin DIMMS. (Image © 123RF.com.) 


Note: Memory slots look similar to expansion slots but have catches on each end to 
secure the memory modules. 


DDR2 and DDR3 are both packaged in 240-pin DIMMs but are not compatible. The 
modules and slots are keyed differently to prevent a module from being inserted into 
an incompatible slot. Faster modules typically feature heatsinks, because of the higher 
clock speeds. 

DDR4 DIMMs have 288 pins. The modules are the same size as previous standards but 
the pins are more closely spaced. Again, the key position prevents a DDR4 module 
from being inserted into an incompatible DDR3 or DDR2 motherboard slot. DDR4 
works at 1.2 V so is more power-efficient than previous standards.


RAM Type   Pins   Voltage
DDR        184    2.5 to 2.6V
DDR2       240    1.8 to 1.9V
DDR3       240    1.35 to 1.5V
DDR4       288    1.2V


LAPTOP MEMORY 

Laptop RAM is packaged in a smaller module called Small Outline DIMM (SODIMM). 
Both DDR and DDR2 use 200-pin packages, but the key position for DDR2 is slightly 
different to prevent insertion in a slot designed for DDR. DDR3 uses a 204-pin package 
while DDR4 is 260-pin. 


The memory is typically fitted into slots that pop-up at a 45° angle to allow the chips to 
be inserted or removed. 


SODIMM. (Image © 123RF.com.) 


DUAL-CHANNEL MEMORY 


In the 2000s, the increasing speed and architectural improvements of CPU 
technologies led to memory becoming a bottleneck to system performance. To 
address this, Intel® and AMD developed a dual-channel memory architecture for DDRx 
RAM. Dual-channel was originally used primarily on server-level hardware but is 
commonly being employed on desktop systems and laptops too. 


Single-channel memory means that there is one 64-bit bus between the CPU and 
RAM. With a dual-channel memory controller, there can effectively be two pathways 
through the bus to the CPU, meaning that 128 bits of data can be transferred per 
"transaction" rather than 64 bits. In fact, in most configurations they continue to 
operate as two independent 64-bit pathways, but this still increases the bandwidth 
available. Ordinary RAM modules are used (that is, there are no "dual-channel" DDR 
memory modules). 


Note: DDRx memory is sold in "kits" for dual-channel applications but there is nothing 
special about the modules themselves, other than being identical.


Motherboard DIMM slots (dual channel). Slots 1 and 3 (black slots) make up one channel, while slots 2
and 4 (grey slots) make up a separate channel. (Image © 123RF.com.)


For example, a dual-channel motherboard might have four DIMM slots arranged in 
color-coded pairs. Each pair represents one channel; each slot represents one of the 
two sockets in each channel. The memory modules installed should be identical in 
terms of speed and capacity. If only two slots are used, to enable dual-channel, the 
modules must be installed in socket 1 of each channel. You will need to consult the 
system documentation carefully to identify the appropriate slots to use. For 
motherboards supporting Intel CPUs and some AMD CPUs, the first sockets in both 
channels are slots 1 and 3. For most AMD CPU-based motherboards, it would mean 
filling slots 1 and 2. Unfortunately, there is no standardized color-coding. As well as 
using different colors, some motherboard manufacturers use the same color for the 
same channel; others use the same color for the same socket. Check the 
documentation carefully. 


Adding an odd number of modules or adding mismatched DIMMs will cause the 
system to operate in single-channel mode. Dual-channel mode may also need to be 
enabled via the PC firmware's system setup program. 


Some of Intel's CPUs and supporting chipsets have triple- or quadruple-channel 
memory controllers. AMD is starting to release quadruple-channel controllers too. In 
these architectures, if the full complement of modules is not installed, the system will 
revert to dual- or single-channel operation. 


PARITY AND ECC RAM 


Motherboards used to use a simple error detection method called parity checking. 
Each byte of data in memory is accompanied by a ninth bit. This bit is set to 1 or 0 to 
make the total number of bits set to 1 in the byte an odd or even number, depending 
on the type of parity checking being performed. When the byte is read, its parity is 
checked to ensure that the parity value is still odd (or even). If this is not the case, a bit 
must have become corrupted. 


System memory for most desktops is non-parity; that is, it does not perform error 
checking (except for the startup memory count). For systems that require a high level 
of reliability (such as workstations and servers), Error Checking and Correcting (ECC) 
memory is available. ECC memory is enhanced parity circuitry that can detect internal 
data errors and make corrections. ECC will detect and correct single-bit errors and 
allow the system to continue functioning normally. It will also detect errors of 2, 3 or 4 
bits but will not correct them; instead, it will generate an error message and halt the 
system. 


ECC memory has an extra chip and a 72-bit data bus rather than 64-bit. The 
motherboard must support the use of ECC memory modules (and the option to use 
them must typically be enabled in system setup). ECC memory cannot be mixed with 
non-ECC modules. 


Note: An ECC DIMM will have an odd number of memory chips, whereas non-parity 
DIMMs will have an even number of memory chips. 
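

The difference between parity checking and ECC described above can be seen in a short simulation. The following Python is an added example, not part of the course material: it assumes an extended Hamming (72,64) code as the ECC scheme (a real memory controller may use a different code), and all function names are hypothetical.

```python
"""Byte parity versus SECDED ECC on a 64-bit word (added example, assumed scheme)."""

CODE_BITS = 72                        # 64 data + 7 Hamming check bits + 1 overall parity
CHECK_POS = [1, 2, 4, 8, 16, 32, 64]  # check bits sit at power-of-two positions
# Codeword positions 1..71 that are not powers of two carry the 64 data bits.
DATA_POS = [p for p in range(1, CODE_BITS) if p & (p - 1)]


def parity_bit(byte: int, odd: bool = False) -> int:
    """Ninth bit that makes the number of 1s across all nine bits even (or odd)."""
    even_bit = bin(byte & 0xFF).count("1") & 1
    return even_bit ^ 1 if odd else even_bit


def parity_ok(byte: int, stored_bit: int, odd: bool = False) -> bool:
    """Parity only says 'something changed'; it cannot say which bit."""
    return parity_bit(byte, odd) == stored_bit


def _syndrome(word: int) -> int:
    """XOR of the positions (1..71) of every bit that is set."""
    syn = 0
    for pos in range(1, CODE_BITS):
        if (word >> pos) & 1:
            syn ^= pos
    return syn


def ecc_encode(data: int) -> int:
    """Spread 64 data bits over the data positions and fill in the 8 check bits."""
    if not 0 <= data < 1 << 64:
        raise ValueError("data must fit in 64 bits")
    word = 0
    for i, pos in enumerate(DATA_POS):
        if (data >> i) & 1:
            word |= 1 << pos
    syn = _syndrome(word)
    for c in CHECK_POS:               # setting check bit c clears bit c of the syndrome
        if syn & c:
            word |= 1 << c
    if bin(word).count("1") & 1:      # position 0: overall parity, total 1s made even
        word |= 1
    return word


def ecc_decode(word: int):
    """Return (status, data): 'ok', 'corrected', or 'uncorrectable' (data is None)."""
    syn = _syndrome(word)
    overall_odd = bin(word).count("1") & 1
    if overall_odd:
        # An odd number of flips: treat as a single-bit error at position syn
        # (syn == 0 means the overall parity bit itself was hit).
        if syn >= CODE_BITS:
            return "uncorrectable", None
        word ^= 1 << syn
        status = "corrected"
    elif syn:
        # Even number of flips with a non-zero syndrome: double-bit error.
        return "uncorrectable", None
    else:
        status = "ok"
    data = 0
    for i, pos in enumerate(DATA_POS):
        if (word >> pos) & 1:
            data |= 1 << i
    return status, data


if __name__ == "__main__":
    byte = 0b10110010                 # constructed sample byte
    stored = parity_bit(byte)
    print("parity, 1 bit flipped :", parity_ok(byte ^ 0x01, stored))   # error seen
    print("parity, 2 bits flipped:", parity_ok(byte ^ 0x03, stored))   # error missed

    value = 0xDEADBEEFCAFEF00D        # constructed sample 64-bit word
    stored_word = ecc_encode(value)
    print("ECC, clean            :", ecc_decode(stored_word)[0])
    print("ECC, 1 bit flipped    :", ecc_decode(stored_word ^ (1 << 37))[0])
    print("ECC, 2 bits flipped   :", ecc_decode(stored_word ^ (1 << 5) ^ (1 << 40))[0])
```

The 72-bit codeword here corresponds to the 72-bit ECC data bus mentioned above: eight extra bits per 64-bit word.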


MEMORY INSTALLATION AND UPGRADE 


Upgrading the memory is a common task for any PC technician. If the motherboard 
supports it but the system is not configured to use it, enabling a dual-channel 
configuration is the best way of extracting more performance from existing 
components. Increasing the bus speed would require purchasing a new motherboard 
and memory modules (and possibly CPU). 


Note: When you are purchasing a computer, it is a good idea to get the fastest memory 
bus you can afford, as this is the component that is most difficult to upgrade later. 


MEMORY COMPATIBILITY ISSUES 


In terms of compatibility, always consult the motherboard user guide, but consider the 
following general guidelines: 


* The DIMM format must match the motherboard (you cannot install DDR modules in 
DDR2 slots, for instance). 

* Different capacity modules can be installed (with the exception of most multi-channel 
configurations). Most vendors recommend installing the largest module in 
the lowest numbered slot. 

* Modules from different vendors can be mixed, though this may cause problems 
with multi-channel configurations. 

* For best performance, the modules should be the same speed as the motherboard. 
Different speeds can be mixed; that is, you can add modules that are faster or 
slower than the motherboard slots or mix modules of different speeds. The system 
will only operate at the best speed supported by all installed components (memory 
modules and controller), so this is not generally a good idea. 

* For best performance and reliability, configure multi-channel systems with identical 
memory modules for each channel. 

* ECC memory cannot be mixed with non-parity memory and must be supported by 
the motherboard. Similarly, registered memory cannot be mixed with unbuffered 
modules and must be supported by the motherboard. 


Memory modules are quite easy to insert and remove (unless cabling within the case 
makes them inaccessible). The key point here is to ensure that the memory is suitable 
for the system and in the correct configuration. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Install and Upgrade Memory. 


Activity 3-1 


Discussing System Memory Installation 


SCENARIO 


Answer the following questions to check your understanding of the content presented 
in this topic. 


1. What are the principal characteristics of DRAM technology? 


2. Why is Synchronous DRAM so-called? 


3. What is the clock speed of PC2100 DDR SDRAM? 


4. How many pins are there on a DIMM stick of DDR2 SDRAM? 


5. How can you distinguish memory slots on the motherboard? 


6. How is laptop system memory typically packaged? 


7. You are configuring a system with dual-channel memory. You have two modules 
and there are four slots. 


How would you determine which slots to use? 


8. Your PC's system bus is 800 MHz. You have one 1 GB stick of PC3-12800 
installed already. You have a 1 GB stick of PC3-8500 available. Should you 
add it to the system? 


9. Additional memory was installed in a user's system, and now it will not boot. 


What steps would you take to resolve this job ticket? 


Activity 3-2 


Upgrading Memory 


BEFORE YOU BEGIN 


Your instructor will give you a system memory module or kit to install. Remember that 
memory modules are particularly susceptible to ESD, so handle the modules carefully 
by the plastic edges and avoid touching the chips. 


Perform this activity on your WORKBENCH PC. 


SCENARIO 

Adding extra system memory is one of the simplest (and cheapest) means of 
improving system performance. More memory means less slow pagefile access when 
multiple applications are running or when large files are being manipulated. 


1. Use the Windows System Properties page and the CPUID CPU-Z utility to report 
system information and configuration. 
a) Open System Properties to confirm the amount of RAM currently installed. 


b) Run the CPUID CPU-Z utility by using its desktop shortcut and select Yes when 
prompted by User Account Control (UAC). 


The first tab shows information about the CPU. 
c) Select the Memory tab. 


CPU-Z Memory tab (screenshot, CPU-Z ver. 1.85.0.x64). General: Type DDR4, Channel # Dual, 
Size 16 GBytes, NB Frequency 898.5 MHz. Timings: DRAM Frequency 1064.1 MHz, FSB:DRAM 1:16, 
CAS# Latency (CL) 15.0 clocks, RAS# to CAS# Delay (tRCD) 15 clocks, RAS# Precharge (tRP) 
15 clocks, Cycle Time (tRAS) 36 clocks, Row Refresh Cycle Time (tRFC) 278 clocks. 


This tab shows the total amount of system memory, its type and timings as well as 
whether it is configured in dual-channel mode. 


d) Make a note of the DRAM frequency: 
e) Select the SPD tab. 


CPU-Z SPD tab (screenshot, CPU-Z ver. 1.85.0.x64). Memory Slot Selection: Slot #1, DDR4, 
Module Size 8192 MBytes, Max Bandwidth DDR4-2132 (1066 MHz), Manufacturer Samsung, Ranks 
Dual, followed by a Timings Table of JEDEC profiles #4 to #7, all at 1.20 V. 


SPD stands for Serial Presence Detect. This chip reports the configuration of a 
memory module installed in a particular slot on the motherboard. You can use this to 
find out if there are spare slots available for upgrade; useful if your system 
documentation has not been kept up-to-date. 


f) Note which slot(s) the memory module(s) are installed in, and if the system is in 
dual-channel mode which slots comprise sockets in different channels. 
* Slots where memory installed: 
* Slots comprising sockets in different channels: 


g) Optionally, select the Graphics tab to view information about the video adapter and 
any graphics memory it might have installed. 


h) Select Close. 


2. Perform a memory module upgrade, and verify the procedure. 
a) Power down the PC, disconnect the power cable, and take the usual ESD precautions. 
b) Remove the case cover. 


c) Confirm that there is a free memory slot and that the memory you have been given is 
of the correct type. 


Note: If your instructor has additional memory available for you to install in 
the PC, they will give it to you now. If not, you can remove the existing 
memory module and reinstall it. Be sure to follow ESD best practices when 
you work with RAM modules. 


d) Release the clips on the memory slot, and push the module into place, taking care to 
handle it by the plastic parts, rather than touching the chips. 

The clips should snap back into place when the module is properly inserted. 

e) Double-check that the module is seated correctly, and then close the system case. 

f) Reconnect the power cable and start the PC. As the PC boots, look to see if there is a 
memory check (most computers skip this sort of check these days). If there is an 
error, power off the PC again, and check that you have seated the module correctly. 

g) Log on to Windows and double-check in System Properties that the RAM has been 
recognized. 

h) Run the CPUID CPU-Z utility again and check the memory configuration. Is it still 
running at the same speed? 


Answers will vary depending on the DIMM used to upgrade the PC. 
i) Close the System Information and CPU-Z windows. 


3. If necessary, uninstall the added memory and return it to your instructor. 
a) Power down the PC, disconnect the power cable, and take the usual ESD precautions. 
b) Uninstall the extra module and hand it back to your instructor. 
c) Close the system case, reconnect the power cable, and restart the PC. 
d) Log in to Windows. 


Topic B 


Install and Configure Mass Storage Devices 


EXAM OBJECTIVES COVERED 
1001-3.1 Explain basic cable types, features, and their purposes. 


1001-3.4 Given a scenario, select, install and configure storage devices. 


Mass storage devices such as hard disks are one of the most common system 
components you will install. In this topic, you will install and configure hard disk drives 
(HDDs) and solid state drives (SSDs). Users rely on local persistent storage devices to 
keep their applications and data current and available. As a CompTIA® A+® technician, 
your responsibilities are likely to include installing and configuring different types of 
storage devices to provide your users with the data-storage capabilities that they need 
to perform their jobs. 


STORAGE DEVICES 


System memory provides a fast storage medium for the operating system and 
applications but is volatile, meaning that data cannot be stored without a power 
supply. Non-volatile storage devices (or mass storage devices) hold data when the 
system is powered off. Removable mass storage devices and removable media allow 
data to be archived from the PC and transferred between PCs. 


Mass storage devices use magnetic, optical, or solid state technology to store data. At 
least some storage devices are fitted as internal components. In the case of internal 
devices that use removable storage media, the drive is positioned at the front of the 
case so that the media can be inserted and removed. Hard drives do not need user 
access and so do not need to be positioned near a faceplate. 


External storage devices are also popular for backup and data transfer or to provide a 
drive type not available as an internal unit. A device such as an external hard drive 
would typically be connected to the computer via a USB port. 


HARD DISK DRIVES 


Even with the advances in the speed and capacity of other types of storage technology, 
the hard disk drive (HDD) remains the primary method of persistent storage for PC 
data. On a workstation PC, the hard disk drive will store the operating system files, 
application program files, system software files (such as drivers), and user data. On a 
server PC, the hard disks will store individual user files and shared sources of 
information, such as databases. Advances in hard disk technology have enabled disks 
of up to 8 terabytes (8000 GB) to be produced, although smaller capacities are more 
common for performance and reliability reasons. 


HDD with drive circuitry and casing removed showing 1) Platters; 2) Spindle; 3) Read/write heads; 4) 
Actuator. (Image by mkphotoshu © 123RF.com.) 


In an HDD, data is stored on several metal or glass platters that are coated with a 
magnetic substance. The top and bottom of each platter is accessed by its own 
read/write head, moved by an actuator mechanism. 


These heads do not actually touch the surface of the platters. The platters are 
mounted on a spindle and spun at high speed and the heads "float" above them at a 
distance of less than a millionth of an inch. The disk unit is kept sealed to maintain a 
constant air pressure (important for keeping the drive heads at the correct distance 
from the platters) and to prevent the entry of dust. 


Each side of each platter is divided into circular tracks and each track contains several 
sectors, each with a capacity of 512 bytes. This low-level formatting is also referred to 
as the drive geometry. 


There are two main formats for HDDs. 3.5" units are the mainstream type used in PCs. 
2.5" form factors are used for laptops and as portable external drives. There is also a 
1.8" form factor but it is not widely used. 2.5" HDDs can also vary in height, with 15 
mm, 9.5 mm, 7 mm, and 5 mm form factors available. 


DRIVE BAYS AND CADDIES 

A drive can be fitted using a caddy. You screw the drive into the caddy and then screw 
the caddy into the case. A caddy can also allow you to fit a drive of a different size to 
the bay. For example, you can fit a 2.5" drive in a 3.5" bay by using an adapter caddy. 
Some caddies use rails so that you can pull the drive out without having to open the 
case. 


HDD PERFORMANCE FACTORS 


Several factors determine overall hard disk performance. One factor is the speed at 
which the disks can spin, measured in Revolutions Per Minute (RPM). The higher the 
RPM, the faster the drive is. High performance drives are rated at 15,000 or 10,000 
rpm; average performance is 7,200 or 5,400 rpm. 


RPM is one factor determining access time (measured in milliseconds), which is the 
delay that occurs as the read/write head locates a particular track position (seek time) 
and sector location (rotational latency) on the drive. A high performance drive will 
have an access time below 3 ms; a typical drive might have an access time of around 6 
ms. 


The internal transfer rate (or data or disk transfer rate) of a drive is a measure of 
how fast read/write operations are performed on the disk platters. A 15 K drive should 
support an internal transfer rate of up to about 180 MBps, while 7.2 K drives will be 
around 110 MBps. The external transfer rate (often simply described as the transfer 
rate) measures how fast data can be transferred to the CPU across the bus. Cache 
memory can help to sustain better transfer rates. A high performance disk may feature 
an 8 MB or better cache. 


Note: Generally, the burst transfer rate is quoted. This is the maximum possible transfer 
rate under ideal conditions and cannot be sustained over a long period. 


The other crucial factor that impacts HDD performance is reliability. Reliability is rated 
by various statistics, including Early-life Failure Rate, Mean Time Between Failure 
(MTBF), which is the number of hours that a device should operate (under optimum 
conditions) before a critical incident can be expected, and life expectancy, which is the 
duration for which the device can be expected to remain reliable. All drives now 
feature Self-Monitoring Analysis and Reporting Technology (S.M.A.R.T.) to pass 
status information and alerts back to monitoring software. This can provide advance 
warning that a drive is about to fail. 


Some of the major hard drive vendors include Seagate, Western Digital, Maxtor, 
Hitachi, Fujitsu, Toshiba, and Samsung. 


STORAGE ADAPTERS AND CABLES 


Host Bus Adapters (HBAs) provide a connection point for internal mass storage 
devices, such as hard drives, optical drives, and tape drives. The interface between the 
drive, host adapter, and the rest of the system is a type of bus. There used to be two 
main bus standards for attaching internal storage devices to a PC—Parallel ATA (PATA) 
and Small Computer System Interface (SCSI)—but these have now largely been 
replaced by SATA. 


Note: HBAs are also commonly referred to as drive controllers. Technically, the 
controller is the circuitry in the disk unit that allows it to put data on the bus, which the 
HBA shuttles to the CPU or RAM. 


SATA 


Serial Advanced Technology Attachment (SATA) is the standard means of attaching 
internal storage drives to a desktop PC. It has superseded the legacy Parallel ATA 
(PATA) technology. 


As the name suggests, SATA transfers data in serial format. This allows for thin, flexible 
cables of up to 1 m (39"). The cables are terminated with compact 7-pin connectors. 
Each SATA host adapter port supports a single device. SATA is a hot swappable 
interface. This means that a compatible drive can be connected or disconnected while 
the system is running. 


SATA connectors and ports (from left to right): SATA data cable, SATA power cable (with 3.3V orange 
wire). (Image © 123RF.com.) 


The first commercially available SATA standard supported speeds of up to 1.5 Gbps. 
This standard was quickly augmented by SATA revision 2 (3 Gbps) and then SATA 
revision 3 (6 Gbps). 


Motherboard SATA and legacy PATA/IDE ports. (Image © 123RF.com.) 


More information on SATA standards can be obtained from www.sata-io.org. 


Note: While SATA dominates the PC market, Serial Attached SCSI (SAS) is also very 
popular in the server market. It supports over 16,000 devices, offers point-to-point links 
(as opposed to shared bandwidth), has none of the termination issues that complicated 
legacy SCSI, and supports higher bandwidths (up to 12 Gbps). 


SOLID STATE DRIVES 


Flash memory is being incorporated onto a new generation of Solid State Drives 
(SSDs) designed to replicate or supplement the function of the hard drive. 


A 2.5" form factor solid state drive with SATA interface. (Image © 123RF.com.) 


The advantages of flash memory-based SSDs are: 


* The lack of moving parts makes them quieter, more power efficient, and less prone 
to catastrophic failure or damage due to shock (dropping or moving a device 
rapidly, for instance). 

* Read times are better because seek time and consequently the effect of file 
fragmentation is eliminated. 

* They are less susceptible to data loss in the event of power failure. 

* Most drives still feature DRAM-based write cache to improve performance. In the 
event of a power failure, unwritten cache would be lost. However, the DRAM cache 
may be backed up by a battery to cover this eventuality. 


The main disadvantage is the high cost; a 64 GB SSD costs a bit more than a 2 TB HDD 
(a 1 TB SSD can cost the same as a top-end server). 


SSD INTERFACES AND FORM FACTORS 


An SSD might be installed as the computer's only internal drive or as a system drive for 
use with an additional hard drive. The SSD would normally be used to install the OS 
and software applications, whereas the HDD would be used for user data files. In this 
configuration, both drives are available to the user. 


An SSD might be installed to a SATA port as with a mechanical HDD. This is an easy 
way to upgrade the 2.5" drive in a laptop as the device form factor is exactly the same. 
The main drawback is that the 6 Gbps SATA interface can be a bottleneck to the best 
performing SSDs. Consequently, modern SSDs often use the PCI Express (PCIe) bus 
directly. Where SATA uses the Advanced Host Controller Interface (AHCI) logical 
interface to communicate with the bus, PCIe-based SSDs use the Non-Volatile 
Memory Host Controller Interface Specification (NVMHCI) or NVM Express 
(NVMe) for short. 


A PCIe-based SSD can either be implemented as a regular PCIe adapter card or Add-in 
Card (AiC) or it can use the M.2 adapter interface. M.2 can use up to 4 PCIe lanes. Note 
that M.2 adapters are not hot-swappable or hot-pluggable. An M.2 adapter is 
considerably smaller than a PCIe adapter so the interface is often used on laptops as 
well as PC motherboards. M.2 supplies power over the bus so there is no need for a 
separate power cable. M.2 adapters can be different lengths (42 mm, 60 mm, 80 mm, 
or 110 mm), so you should check that any given adapter will fit on your motherboard. 
Labels indicate the adapter sizes supported. 


Note: M.2 is a physical form factor and so you can obtain M.2 SSDs that use 
the SATA/AHCI bus. These will not perform as well as NVMe-based M.2 SSDs. On the 
motherboard, an M.2 socket may be able to support both types of drive or only one; 
check the documentation. The key position on the connector is different for SATA and 
NVMe models. Also note that M.2 can be used for wireless adapters too. 


Note: SATA 3.2 defines SATA Express (SATAe) as a means of interfacing with a 2-lane PCI 
Express bus. It uses a different connector, but the port is backwards-compatible with 
"ordinary" SATA cabling. You might also come across the U.2 (or SFF-8369) interface. U.2 
uses the same physical interface as SATA Express and is hot-swappable, but supports up 
to 4 PCIe lanes, like M.2. 


SSD PERFORMANCE FACTORS 


SSDs normally outperform HDDs but there are situations where they can perform 
worse than HDDs; when serving large (GB) files, for example. 


When making a detailed comparison between different types of storage technology, 
you need to compare performance against different types of data transfer. For 
example, read and write performance are not equivalent. There are also differences 
between sequential access (reading data from the same "block" as might happen when 
transferring a large file) and random access (reading data from different locations on 
the drive or transferring lots of small files for instance). Along with the data throughput 
and latency/access time, you may need to consider the number of Input/Output 
Operations per Second (IOPS) that can be achieved by a device for different kinds of 
data transfer operation. 


Flash chips are also susceptible to their own type of degradation over the course of 
many write operations, so the drive firmware and operating system must use wear 
leveling routines to prevent any single storage location from being overused and 
optimize the life of the device. 


HYBRID DRIVES 


Solid state storage may also be incorporated on a hybrid drive. In a hybrid drive, the 
SSD portion functions as a large cache, containing data that is accessed frequently. The 
magnetic disc is only spun up when non-cached data is accessed. Version 3.2 of the 
SATA standard defines a set of commands to allow the host computer to specify how 
the cache should be used (also referred to as host-hinted mode). Alternatively, the 
drive firmware can run self-optimizing routines. The user does not have direct control 
over files stored on the cache. 


DUAL-DRIVE CONFIGURATIONS 


Another option is for separate SSD and HDD units to be installed in a dual-drive 
configuration. In this case, the system chipset and storage drivers, usually based on 
Intel Smart Response Technology (SRT), make the caching decisions. Again, the user 
does not have control over the use of the SSD. 


Note: SRT can only use caches up to 64 GB (at the time of writing). If the SSD is larger, 
SRT can reserve part of the drive for caching and the remainder of the capacity is then 
available to the user and can be manipulated via the OS disk and file management tools. 


LEGACY STORAGE TECHNOLOGIES 


While SATA is the dominant connection method for most drive types, you may come 
across systems using much older host bus adapters, such as IDE and SCSI. It is 
important that you know how to configure these older technologies. 


IDE/PATA 


The Parallel Advanced Technology Attachment (PATA) interface was the principal 
mass storage interface for desktop PCs for many years. The interface was (and still is) 
also referred to as IDE (Integrated Drive Electronics) or EIDE (Extended IDE). As the 
name suggests, an EIDE bus uses parallel data transfers, meaning 16 bits is transferred 
for each clock tick. 


A motherboard supporting PATA may come with one or two host adapters or 
channels, called IDE1 and IDE2 or primary (PRI IDE) and secondary (SEC IDE). A single 
PATA channel is now more typical if the motherboard also supports SATA. Each PATA 
channel supports two devices, 0 and 1, though they are usually labeled master and 
slave. 


A PATA drive features a 40-pin port but typically uses 80-wire shielded cables, which 
are required for UDMA4 or better transfer modes. PATA cable is supposed to be up to 
46 cm (18") long. Each PATA cable typically has three connectors, one for the 
motherboard and one for each device. Most cables are "Cable Select," allowing the 
master and slave device to be identified by the position of the connector on the cable. 
Pin 1 on the cable must be oriented with pin 1 on the connector. On the cable, pin 1 is 
identified with a red stripe. The connectors are also keyed to prevent them from being 
inserted the wrong way around. 


PATA cable with master (black), slave (grey), and motherboard (blue) connectors. The red strip 
indicates pin 1 on the cable. Note: There is currently a movement to generally rename the 
"master/slave" terminology to combinations like "parent/child" or "leader/follower." (Image © 123RF.com.) 


PATA standards have evolved over the years. This table lists some of the later ATA 
standards. 


Interface Standard   DMA Mode                 Max. Transfer Rate (MBps)   Special Features
ATA/ATAPI-4          UDMA 2 (Ultra ATA/33)    33                          Ultra DMA, 80-conductor cable, and cyclic redundancy checking
ATA/ATAPI-5          UDMA 4 (Ultra ATA/66)    66
ATA/ATAPI-6          UDMA 5 (Ultra ATA/100)   100                         48-bit LBA expansion, and disk noise reduction
ATA/ATAPI-7          UDMA 6 (Ultra ATA/133)   133                         Multimedia streaming


Table notes: 


* ATAPI stands for ATA Packet Interface and is an extension to ATA to support 
CD/DVD drives and tape drives. 

* DMA (Direct Memory Access) mode refers to the way that data is transferred to and 
from system memory. 

* In the early days of the EIDE interface, BIOS versions severely restricted maximum 
drive capacity. Driver software in the OS now handles drive addressing. Logical 
Block Addressing (LBA) is a method of telling the drive how to address a particular 
place on the disk surface. 48-bit LBA supports drives up to a (theoretical) 144 
Petabytes. 


SCSI 


Small Computer Systems Interface (SCSI) is another parallel bus. One SCSI Host Bus 
Adapter (HBA) can control multiple devices, attached by internal ribbon cables or 
external SCSI cables. The SCSI standard also defines a command language that allows 
the host adapter to identify which devices are connected to the bus and how they are 
accessed. 


SCSI was used to connect peripherals of different types but is now only associated with 
the connection of storage devices. As with IDE, you will not find SCSI on new systems, 
but should know how to configure it in case you encounter any legacy systems still 
depending on it. A SCSI port is denoted by a dedicated symbol (not reproduced here). 


The main SCSI standards are described in this table. 


Protocol                      Interface Standard   Bandwidth (MBps)   Bus Width (bits)   Max. Cable Length (meters)
SCSI-1                        SCSI-1               5                  8                  SE: 6; LVD: NA; HVD: 25
Fast SCSI                     SCSI-2               10                 8                  SE: 3; LVD: NA; HVD: 25
Fast-Wide SCSI                SCSI-2               20                 16                 SE: 3; LVD: NA; HVD: 25
Ultra SCSI                    SCSI-3               20                 8                  SE: 1.5; LVD: NA; HVD: 25
Ultra Wide SCSI               SCSI-3               40                 16                 SE: NA; LVD: NA; HVD: 25
Ultra2 SCSI                   SCSI-3               40                 8                  SE: NA; LVD: 12; HVD: 25
Ultra2 Wide SCSI              SCSI-3               80                 16                 SE: NA; LVD: 12; HVD: 25
Ultra3 SCSI (Ultra160 SCSI)   SCSI-3               160                16                 SE: NA; LVD: 12; HVD: NA
Ultra 320 SCSI                SCSI-3               320                16                 SE: NA; LVD: 12; HVD: NA


Given the number of different versions of the standard, SCSI configuration is relatively 
complex. SCSI devices were typically used on server-class hardware rather than on 
desktop PCs. 


* Host adapter—the SCSI host adapter must be installed and recognized by the 
system for devices to be detected. A third-party driver might have to be installed for 
the host adapter to be recognized. 

* Bus width—SCSI originally supported 8 devices (the host adapter counts as a 
device). Wide SCSI supports up to 16 devices. 

* Signaling—SCSI specifies three signaling methods. Most buses and devices use Low 
Voltage Differential (LVD). Single Ended (SE) devices can be added to an LVD bus, 
but it reduces the performance of the whole bus. H(igh)VD is incompatible with the 
other two and must not be mixed. 

* Termination—a SCSI bus must be terminated at both ends, usually by enabling 
termination on the first and last devices in the chain. Termination may either be 
enabled internally on the device by setting a switch or by physically connecting a 
terminator pack to a device or the host adapter. 


Note: There are passive and active terminators. Passive terminators are generally
used with older devices (pre-Ultra SCSI). When installing a terminator pack, the
terminator must match the signaling type (SE, LVD, HVD, or SE/LVD). Termination is
also made more complex if there is a mix of narrow (8-bit) and wide (16-bit) devices
on the bus.


* ID—each SCSI device must be allocated a unique ID, from 0 to 7 (or 15 for wide
SCSI). IDs may be allocated automatically or by setting a jumper or click-wheel on 
the device itself. The order of SCSI ID priorities (from highest to lowest) is 7 through 
to 0 then 15 through to 8. 


Note: The host adapter is usually set to 7 or 15. A bootable hard disk is usually 
allocated ID 0. 


There were numerous SCSI connectors. Some of the most common were: 


* HD68—68-pin connectors used for internal and external ports. 68-pin adapters 
support Wide SCSI. 

* Single Connector Attachment (SCA)—an 80-pin connector that incorporates both a 
power connector and configuration wires, allowing for hot swappable drives. 

GUIDELINES FOR INSTALLING MASS STORAGE DEVICES

Note: All of the Guidelines for this lesson are available as checklists from the Checklist 
tile on the CHOICE Course screen. 


Consider these guidelines when installing mass storage devices. 


INSTALL MASS STORAGE DEVICES 

There are several things to consider when you are installing an internal storage device 
in a computer system. It is not as simple as just plugging the device into the slot inside 
the case. Make sure you consider each factor before installation: 


* Does the computer have existing internal storage devices? Do you need to plan
for the addition of another controller for an additional device? You might need to
purchase an additional SATA controller before you can add another SATA device. In
addition, make sure that the computer has an available slot for the controller.

* Does the device need additional drivers installed? Make sure that you have the
appropriate operating system device drivers to install the new storage device on the
computer. If necessary, download the device drivers from the device
manufacturer's website.

* Does the computer have an available power supply cable to supply power to
the device? If not, you can purchase splitters to enable two (or more) devices to be
connected to a single power connection, but be aware of power consumption. The
number of connectors approximates the available power, so make sure that the
storage device will not cause the computer to exceed the capacity of its power
supply.

* Does the computer have an available drive bay for the storage device? Most
hard drives require a 3.5-inch drive bay; most tape drives and optical drives require
a 5.25-inch drive bay. If you want to install a hard drive in a 5.25-inch drive bay, you
will need drive rails. Make sure you place the storage device where it will get good
air flow to avoid overheating the device. Consider the placement of the drives inside
the bays with the cable configurations. You may need to adjust the placement of the
drives to match the order of cable connectors.

* Do you have the necessary data cables to connect the storage device to the
controller? You will need a SATA data cable for each hard drive in the PC. Other
types of storage devices might require different types of data cables.

* Does the placement of the device interrupt the air flow of the case? Make sure
there is enough total air flow to handle whatever heat the new storage device will
add to the computer.


Note: When adding or removing storage devices (or performing any type of work
inside the PC case), make sure that you take a backup of any data stored on local
drives.


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos
that supplement the content for this lesson.


Access the Checklist tile on your CHOICE Course screen for reference information
and job aids on How to Install and Configure Mass Storage Devices.

Activity 3-3


Discussing Mass Storage Device 
Installation and Configuration 


SCENARIO 


Answer these questions to check your understanding of the content presented in this 
topic. 


1. True or false? The read/write heads on an HDD require regular cleaning to 
obtain optimum performance from the disk. 


2. What basic factor might you look at in selecting a high-performance drive? 


3. What is a S.M.A.R.T. hard disk? 


4. True or false? SATA is an interface for hard drives only. 


5. How many storage devices can be attached to a single SATA port? 


6. In what two ways could a PC be configured to use an SSD cache? 


7. You are upgrading a drive. You have removed the main panel from the PC, 
disconnected the data and power cables, and removed the screws holding 
the drive to the cage, but it will not slide out. What is your next step? 

Activity 3-4


Installing Storage Devices 


BEFORE YOU BEGIN 


To complete this activity, you will need the following hardware components for your 
workbench PC. If you do not have these available, you can remove and reinstall the 
existing hardware: 

* A second hard drive or an optical drive and an empty drive bay. 

* An available power connection for the device you are adding to the system. 

* Optionally, rails to allow smaller drives to fit into larger drive bays. 


You will perform this activity on your WORKBENCH PC. 


SCENARIO 


In this activity, you will install an additional disk drive into your system. The type of disk 
you install will depend on the components available, so check with your instructor to 
see which of the following steps you should complete and for any additional 
instructions. 


1. List the type of removable storage devices in your PC and details such as model 
name or slot types. 


Drive Type            Details
Drive
Drive
Drive
Memory Card Reader
Memory Card Reader


Note: You're likely to have an optical drive, one or more memory card readers, and
one or more USB drives, as well as possible eSATA ports. Revise the left column as
needed to distinctly identify each drive.


2. Add a SATA hard drive and/or optical drive to your system. Depending on the
motherboard, you may also need to install a host adapter. 
a) Power off the system, unplug all the peripherals and power cord, and open the 
computer case. 
b) Examine the motherboard to determine whether there are any SATA ports. 


c) If there are no SATA ports, locate a free adapter slot, and remove the blanking plate. 
Install the SATA host adapter and screw it down. 


d) Locate an available drive bay, and determine if the bay is the same form factor as the 
drive. Secure the drive to it, using a caddy and rails if necessary. 


e) Connect the drive to an available SATA port using a SATA cable. 
f) Attach a power connector to the drive. You may need to obtain a Molex-SATA power
converter from your instructor. 
g) Replace the cover on your PC and reboot it. 


h) Observe startup messages to check that the drive is detected. If the drive is not 
detected, check either that the onboard controller is enabled (through system setup) 
or that the host adapter has been recognized. 


3. If you installed a hard disk, complete the following steps to make a partition and
format it so that the disk is usable. If you installed a removable storage device,
just check that you can read some removable media using it.
a) Reboot the PC into Windows and log on. Press the Windows+X keys and select
Computer Management. Select the Disk Management tool.
Your new disk should appear as Disk 1.
b) In the Initialize Disk dialog box, select GPT and then select OK.
c) Right-click the area of Unallocated Space and select New Simple Volume.
d) Select Next.
e) Select Primary Partition and select Next.
f) Use the maximum amount of disk space. Select Next.
g) Assign drive letter H. Select Next.
h) Select the NTFS file system and use the partition label HOME. Check the box to
perform a quick format. Select Next, and then select Finish.
i) After the format is complete and the partition is marked healthy, test that it is
accessible by copying some files to it from your C: drive.
j) In Disk Management, right-click the volume and select Delete Volume. Select Yes to
confirm.


4. Reverse the steps above to uninstall the extra drive(s) plus any adapter cards that
you installed and return them to your instructor.


Note: Your instructor will let you know if you need to perform this step. 

Topic C


Install and Configure Removable Storage 


EXAM OBJECTIVES COVERED 
1001-3.4 Given a scenario, select, install, and configure storage devices.


1001-3.6 Explain the purposes and uses of various peripheral types. 


Sometimes, the needs of the user are such that providing additional system memory 
and mass storage devices is not enough. Consider a situation where raw data is 
supplied to a user via a DVD, thumb drive, or flash memory card. How will the user get 
the information off the media and into their PC where they can work with it? In this 
topic, you will install and configure removable storage. 


REMOVABLE STORAGE 


Removable storage can refer to either a storage device that can be removed, or 
storage media that is removable. 


Internal hard drives and Solid State Drives provide persistent storage for the 
computer's OS files, software applications, and user data files. Other types of 
persistent storage can be used as removable media. A removable disk or drive can be 
attached to a different computer to move or copy data files. Removable media is also 
used to make a backup. 


OPTICAL MEDIA 


Compact discs (CDs) and digital versatile discs (DVDs) are mainstream storage 
formats for consumer multimedia, such as music and video. Both formats have been 
adapted for data storage with PC systems. The CD/DVD drives used with PCs can also 
play consumer versions of the discs. 


* The data version of the CD-ROM (CD) became ubiquitous on PC systems as it has
sufficient capacity (700 MB) to deliver most software applications. 

* DVD is an improvement on CD technology and delivers substantially more capacity 
(up to about 17 GB). DVDs are used for software installs and for games and 
multimedia. 


COMPACT DISCS 

A CD is a layer of aluminum foil encased in protective plastic, which can also
incorporate a label or screen-printed image on the non-playing side. The foil layer 
contains a series of pits and spaces in-between (called lands) arranged in a spiral. The 
changes between pits and lands are used to encode each bit. A standard CD is 120 mm 
in diameter and 1.2 mm thick. There are also 80 mm discs, which are playable in most 
CD-ROM drives. 


A recordable version of the CD (CD-R) was developed in 1999. Rather than a 
premastered layer of foil with pits and lands, CD-Rs feature a layer of photosensitive 
dye. A special laser is used to transform the dye, mimicking the pits and lands of a 
normal CD, in a process called burning. Most ordinary CD players and drives can read 
CD-Rs but they may not play back properly on older equipment. CD-R is a type of Write 
Once Read Many (WORM) media. Data areas once written cannot be overwritten. If 
there is space, a new session can be started on the disc. However, this makes the disc
unreadable in older CD-ROM drives. 


A rewritable (or multisession) disc format (CD-RW) has also been developed. This uses 
a heat sensitive compound whose properties can be changed between crystalline and 
amorphous by a special laser. There is some concern over the longevity of recordable 
CD (and DVD) media. Cheaply manufactured discs have shown a tendency to degrade 
and become unusable (sometimes over the space of just a few years). 


Note: While the regular capacity of a CD is 700 MB, there are high capacity 800 MB (90
minute) and 860 MB (99 minute) discs that can be used with a CD writer that supports
overburning. Note that overburning is more likely to produce disks with data or playback
errors.


DIGITAL VERSATILE DISCS 

Compared to CDs, DVDs have higher densities. DVDs are also thinner and can be
dual-layer (DVD DL) and/or double-sided (DVD DS). Double-sided discs need to be
turned over to play or record to the second side.


DVDs also feature a higher transfer rate, with multiples of 1.32 MBps (equivalent to 9x 
CD speed). The fastest models feature 24x read and write speeds. 


Like CDs, there are recordable and rewritable versions of DVDs, some of which support 
dual layer recording. There are two slightly different standards for recordable and 
rewritable DVDs, referred to as DVD-R/DVD-RW versus DVD+R/DVD+RW. Most drives 
can read all formats but write in either + or - format. Many consumer DVD players can 
play DVD+R discs. An additional format, Panasonic's DVD-RAM, is not widely supported 
by computer DVD drives but is optimized for multiple write operations and so well 
suited to data storage. DVD+R supports dual layer and double-sided media, whereas 
DVD+RW supports double-sided media only. 


BLU-RAY DISCS 


Blu-ray Discs (BDs) have emerged as the next generation format for distributing 
consumer multimedia and can be used to distribute large applications, such as video 
games. Blu-ray is principally required to cope with the demands of High Definition 
video recording and playback. HD requires more bandwidth and storage space 
because it uses a much higher resolution picture (1920x1080 compared to 720x480 
[NTSC] or 720x576 [PAL]) and better quality audio (digital surround sound). 


A Blu-ray Disc works on fundamentally the same principle as DVD but with a shorter 
wavelength laser (a 405 nm blue laser compared to DVD's 650 nm red laser). This 
means discs can be higher density, although the cost of components to make the 
drives is greater. The base speed for Blu-ray is 4.5 MBps and the maximum theoretical 
rate is 16x (72 MBps). 2x is the minimum required for movie playback. 


A standard BD has a capacity of 25 GB per layer; mini-discs (8 cm) can store 7.8 GB per 
layer. Dual-layer discs can store up to 50 GB and are readable in ordinary BD drives. 
Triple-layer 100 GB and quad-layer 128 GB (not currently re-recordable) discs are 
defined in the BD-XL specification. These require BD-XL compatible drives for writing 
and reading. There are currently no double-sided formats. 


STANDARDS 


Standards for the different types of CDs are published by Philips and Sony as
differently colored books. 


Standard       CD Type
Red book       Audio CDs (16-bit sampled at 44.1 Hz).
Yellow book    Data CDs with error correction (Mode 1) or without (Mode 2).
               Mode 2 makes more space available but is only suitable for use
               with audio and video where small errors can be tolerated.
Orange book    Defines the unused CD-MO and the more popular CD-R and
               CD-RW.


Standards for DVDs include the following. 


Standard     Capacity (GB)   Description
DVD-5        4.7             Single layer, single-sided.
DVD-9        8.5             Dual layer, single-sided.
DVD-10       9.4             Single layer, double-sided.
DVD-18       17.1            Dual layer, double-sided.
DVD-Video    Up to 17.1      Commercially produced DVDs using MPEG
                             encoding and chapters for navigation (can
                             be single or dual layer and single or
                             double-sided).
DVD-Audio    8.5             Format for high quality audio (superior
                             sampling rates and 5.1 surround sound,
                             for instance).


DRM AND REGION CODING 


Consumer DVDs feature copy protection mechanisms such as Digital Rights 
Management (DRM) and region coding. Region coding, if enforced, means that a disc 
can only be used on a player from the same region. 


Here are the DVD region codes in use: 


* Region 0: No coding (playback is not restricted). 

* Region 1: Canada and the US. 

* Region 2: Europe, the Middle East, Japan, South Africa, and Egypt. 

* Region 3: SE Asia.

* Region 4: South America, Australia, and New Zealand. 

* Region 5: Russia, parts of Africa, and parts of Asia. 

* Region 6: China. 


Note: The DVD drive region can be set via Device Manager.

The DVD region supported by a PC DVD drive can be changed via Device Manager—though the
firmware only permits a limited number of changes. (Screenshot used with permission from Microsoft.)


Some DVD players are multi-region, but some discs feature protection mechanisms to 
disable playback in such machines. PC software is not usually region coded, with the 
exception of some PC game discs. 


Like DVDs, consumer Blu-ray Discs (BD-ROMs) are likely to be DRM-protected and may 
be region coded: 


* Region A: America, Japan, and SE Asia. 
* Region B: EMEA, Africa, Australia, and New Zealand. 
* Region C: Russia and Central Asia (including China).


OPTICAL DRIVES 
Optical drives include CD drives, DVD drives, and Blu-Ray drives. 


Optical drives are considerably larger than hard disks (5.25" form factor). An internal 
unit would be installed to a 5.25" drive bay and connected to the motherboard via 
SATA data and power connectors. An external unit would be connected via USB (or 
possibly eSATA or Thunderbolt). External optical drives typically require their own 
power supply, provided via a supplied AC adapter. CD drives are rated according to 
their data transfer speed. The original drives had a data transfer rate of 150 KBps. 
Subsequently, drives have been available that offer multiples of the original rate; this 
would be around 52x for new models, offering transfer rates in excess of 7 MBps. 

Optical disc drive. (Image © 123RF.com.)


Many optical drives also function as recordable/rewritable CD burners (or writers). 
Such drives feature three speeds, always expressed as the Record/Rewrite/Read speed 
(for example, 24x/16x/52x). One feature to look out for on such drives is BURN-proof 
technology, which prevents discs being ruined by buffer under-run errors (where the 
software cannot supply the drive the data to write quickly enough). 


A CD drive consists of a spindle motor (to spin the disc), a laser and lens (to read the 
disc), and a tracking system to move the laser and lens assembly. The mechanism for 
inserting a CD is either tray or slot based. Slot-loading mechanisms have rollers that 
grab the disc. Sometimes, these cannot handle non-standard disc sizes. A drive may 
feature audio play and volume controls and a headphone jack. 


Note: Drives also feature a small hole that accesses a disc eject mechanism (insert a 
paper clip to activate the mechanism). This is useful if the standard eject button will not 
work or if the drive does not have power. 


A DVD drive is similar to a CD drive, but with a different encoding method and a 
shorter wavelength laser. DVD drives also feature a higher transfer rate, with multiples 
of 1.32 MBps (equivalent to 9x CD speed). The fastest models feature 24x read and 
write speeds. 


Note: Most DVD drives can read and burn both DVD and CD media. When DVD was first
introduced, drives that could burn CDs but only read DVDs were referred to as combo
drives.


Generally speaking, Blu-ray drives are also capable of CD and DVD playback and 
burning. Recordable (BD-R) and re-recordable (BD-RE) drives and discs are also 
available. BD-R is often available at the same speed as playback while BD-RE is usually 
half playback speed. 


FLASH MEMORY DEVICES 


Solid state storage is any type of persistent digital storage technology that does not 
use mechanical parts. Most solid state devices used with modern PCs are based on 
flash memory. Flash memory is a type of non-volatile Electrically Erasable 
Programmable Read-Only Memory (EEPROM), also referred to as NAND flash. Flash 
memory is non-volatile because it does not need a power source to retain information. 


Compared to other types of storage, flash memory is very small and light. Mass 
manufacturing has seen prices fall to affordable levels. Storage capacity ranges from 
512 MB to 256 GB. Larger drives than this are available but (at the time of writing) are 
prohibitively expensive. 


As the costs of producing flash memory have fallen, it has become a very popular 
removable storage technology. 

USB thumb drive (left) and SD memory card (right). (Image © 123RF.com.)


There are many ways of packaging flash memory for external storage use. One of the 
most popular is the USB drive (or thumb or pen drive). This type of drive simply plugs 
into any spare USB port. 


Another popular type of packaging is the memory card, used extensively in consumer 
digital imaging products, such as digital still and video cameras. There are several 
proprietary types of memory card. 


* Secure Digital (SD)—this full-size card comes in three capacity variants. The original 
SD cards have a 2 GB maximum capacity, whereas SDHC is up to 32 GB and SDXC is 
up to 2 TB. There are also four speed variants. The original specification is up to 25 
MBps, UHS allows up to 108 MBps, UHS-II is rated at up to 156 MBps full duplex or 
312 MBps half duplex, while UHS-III specifies two full duplex rates of 312 MBps 
(FD312) and 624 MBps (FD624). 

* Mini-SD—this is a smaller version of the SD card, using the same capacity and speed 
designations. 

* Micro-SD—this is the smallest version of the SD card, using the same capacity and 
speed designations. 

* Compact Flash (CF)—nominally supports 512 GB, though no cards larger than 256
GB were ever made. The speed of CF cards is rated on the same system as CDs,
using multiples of 150 KBps. The fastest devices work at up to 1066x read speeds
(or 160 MBps).

* xD—this format was used on Olympus cameras but has been discontinued.


Note: The speeds quoted are "max burst speed." Sustained read and write speeds will be 
much lower. Cards also have a speed class rating indicating their minimum write speed 
capability. 


Note: The smaller form factors can be used with regular size readers using a caddy to
hold the card.


MEMORY CARD READERS 


Many PCs are fitted with memory card readers with slots that will accommodate most 
of the sticks on the market. 


A memory card reader is usually designed to fit in a front-facing 3.5" drive bay, though 
some can be fitted to a 5.25" bay. 

Multi-card reader. (Image © 123RF.com.)


The reader then needs to be connected to a USB hub. Most motherboards have at 
least one spare 9-pin USB header for making internal connections, or the reader may 
come with an expansion card (as with the HP model shown below). Alternatively, you 
may be able to run a USB converter cable from the reader to one of the external USB 
ports. 


Note: To support the fast speeds of modern card types, the reader must be connected to 
a USB 3 port. 


Another option is an external USB memory card reader. 


EXTERNAL STORAGE DRIVES 


External hard disks and portable SSDs have become very popular for backup, 
additional storage, and as a means of transferring files. External drives are packaged in 
a drive enclosure. The drive enclosure usually provides USB, Thunderbolt, and/or 
eSATAp ports. The enclosure also provides for an external power supply, if the drive is 
too large to be powered over USB, and the casing protects the drive from damage. 


External storage device. (Image © 123RF.com.) 


Some enclosures support Ethernet network connections, referred to as Network 
Attached Storage (NAS). Advanced enclosures are designed to host multiple disk 
units, possibly configured in a RAID array to provide better data security. 

Activity 3-5


Discussing Removable Storage Device 
Installation and Configuration 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What is the primary benefit of using removable solid state storage? 


2. Which two media types allow you to write to an optical disc only once? 


* CD-ROM

* CD-R

* CD+RW

* DVD+R

* DVD-RW


3. If a CD writer is 12x8x32x, what is the maximum transfer rate when creating
a CD-R? 


4. True or false? DVD-RW media allows double-layer recording. 


5. What is the transfer rate of a 10x DVD drive? 


6. What is the capacity of a single Blu-ray dual-layer recordable disc? 


7. True or false? A memory card reader is needed to attach a USB flash 
memory drive to a PC. 


8. Name the two main specifications for currently available memory card
formats. 

Topic D


Configure RAID 


EXAM OBJECTIVES COVERED 
1001-3.4 Given a scenario, select, install and configure storage devices.


Whether it is the system files required to run the OS or data files generated by users, 
an HDD or SSD stores critical data. If a boot drive fails, the system will crash, and if a 
data drive fails, users will lose access to files and there may be permanent data loss if 
those files have not been backed up. To mitigate these risks, the drives that underpin 
critical systems can be provisioned in a redundant configuration. Redundancy 
sacrifices some disk capacity but provides fault tolerance for the mission-critical 
volume. As a PC technician, you will have to configure and support such systems very 
often, so it is important that you understand the types of redundant drive 
configurations available. 


RAID 


With Redundant Array of Independent Disks (RAID), many hard disks can act as 
backups for each other to increase reliability and fault tolerance, or they can act 
together as one very large drive. 


Note: RAID can also be said to stand for "Redundant Array of Inexpensive Disks" and the 
"D" can also stand for "devices." 


RAID LEVELS 


The RAID advisory board defines RAID levels. The most common levels are numbered 
from 0 to 6, where each level corresponds to a specific type of fault tolerance. Only 
levels 0, 1, and 5 are of much relevance at the desktop, however. 


* RAID 0 (Striping without Parity). Disk striping is a technique where data is 
divided into blocks and spread in a fixed order among all the disks in the array. 
RAID 0 requires at least two disks. Its principal advantage is to improve 
performance by spreading disk I/O over multiple drives. 


The logical volume size is the capacity of the smallest physical disk multiplied by
the number of disks in the array. When building a RAID array, all the disks should
normally be identical in terms of capacity and ideally in terms of type and
performance, though this is not mandatory. If disks are different sizes, the size of
the smallest disk in the array determines the maximum amount of space that can be
used on the larger drives. RAID 0 adds no storage overhead and is a means of
obtaining a large logical volume from multiple, low capacity disks.

However, because it provides no redundancy, this method cannot be said to be a
true RAID implementation. If any physical disk in the array fails, the whole logical
volume will fail, causing the computer to crash and requiring data to be recovered
from backup. Consequently, RAID 0 would never be used for live data storage.

RAID 0 (striping) - data is spread across the array. (Image © 123RF.com.)

* RAID 1 (Mirroring). Mirroring requires two hard disks. The mirror disk is a 
duplicate of the data disk. Each write operation is duplicated on the second disk in 
the set, introducing a small performance overhead. A read operation can use either 
disk, boosting performance somewhat. 


This strategy is the simplest way of protecting a single disk against failure. If one 
disk fails (degrading the array), the other takes over. There is little impact on 
performance during this time (obviously the boost of having two drives available for 
read operations is lost), so availability remains good, but the failed disk should be 
replaced as quickly as possible as there is no longer any redundancy. When the disk 
is replaced, it must be populated with data from the other disk (resynching). 
Performance while rebuilding is reduced, though RAID 1 is better than other levels 
in that respect and the rebuilding process is generally shorter than parity-based 
RAID. 


In terms of cost per gigabyte, disk mirroring is more expensive than other forms of 
fault tolerance because disk space utilization is only 50 percent. Also the total 
volume size cannot exceed the available capacity of the physical disks. However, 
disk mirroring usually has a lower entry cost because it requires only two disks and 
a relatively cheap RAID controller (or software RAID). The availability of cheap, large 
HDDs makes the 50% overhead less of a drawback. 

RAID 1 (mirroring) - data is written to both disks simultaneously. (Image © 123RF.com.)

* RAID 5 (Striping with Distributed Parity). Striping with distributed parity (RAID 5)
writes error checking information across all the disks in the array. The data and 
parity information is managed so that the two are always on different disks. If a 
single disk fails, enough information is spread across the remaining disks to allow 
the data to be completely reconstructed. Stripe sets with parity offer the best 
performance for read operations. However, when a disk has failed, the read 
performance is degraded by the need to recover the data using the parity 
information. Also, all normal write operations suffer reduced performance due to 
the parity calculation. 


RAID 5 requires a minimum of three drives but can be configured with more. This 
allows more flexibility in determining the overall capacity of the array than is 
possible with RAID 1. A "hard" maximum number of devices is set by the controller 
or OS support, but the number of drives used is more likely to be determined by 
practicalities such as cost and risk. Remember that adding more disks increases the 
chance of failure. 


Fault tolerance and available disk space are inversely related. As you add disks to
the set, fault tolerance decreases but usable disk space increases. If you configure a
RAID 5 set using 3 disks, a third of each disk is set aside for parity. If four are used,
one quarter is reserved on each disk. Using a configuration of three 80 GB disks, you
would have a 160 GB usable volume.

RAID 5 (striping with parity). (Image © 123RF.com.)


Note: If the disks are different sizes, the size used is that of the smallest disk. Extra
disk space on larger drives is wasted.


* RAID 1+0 (RAID 10). As described previously, RAID 0 is striping with no parity (that 
is, no fault tolerance is provided). This provides high throughput, but leaves the 
volume at risk. RAID 1 provides mirroring; the highest achievable disk fault 
tolerance. RAID 1+0 (also called RAID 10) is a combination of both these 
configurations (nested RAID). A logical striped volume is configured with two 
mirrored arrays. This configuration offers excellent fault tolerance as one disk in 
each mirror can fail and the array will still function. 


You will need at least four disks to create this configuration and there must be an 
even number of disks. Note that it carries the same 50% disk overhead that 
mirroring does. 


RAID 10 - either disk in each of the sub-volumes can fail without bringing down the main volume.
(Image © 123RF.com.)
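
The RAID 5 behavior described above (parity distributed across the disks, full reconstruction after a single disk failure, and usable capacity based on the smallest disk) is shown in the following added example, which is not part of the course text. It assumes XOR parity, which is how RAID 5 parity is computed; the function names, chunk size, and sample data are constructed for illustration.

```python
from functools import reduce

def xor_blocks(blocks):
    """XOR equal-length byte blocks together; this is the RAID 5 parity operation."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))

def usable_capacity_gb(level, disk_sizes_gb):
    """Usable volume size; every member is treated as the size of the smallest disk."""
    n, smallest = len(disk_sizes_gb), min(disk_sizes_gb)
    if level == 5 and n >= 3:
        return (n - 1) * smallest          # one disk's worth of space holds parity
    if level == 10 and n >= 4 and n % 2 == 0:
        return (n // 2) * smallest         # same 50% overhead as mirroring
    raise ValueError("unsupported level or disk count")

def parity_disk_for(stripe, n_disks):
    """Parity moves to a different disk on each stripe (distributed parity)."""
    return (n_disks - 1 - stripe) % n_disks

def write_stripes(data, n_disks, chunk=4):
    """Return one list of chunks per disk: n-1 data chunks and 1 parity chunk per stripe."""
    per_stripe = (n_disks - 1) * chunk
    padded = data.ljust(-(-len(data) // per_stripe) * per_stripe, b"\0")
    disks = [[] for _ in range(n_disks)]
    for stripe, offset in enumerate(range(0, len(padded), per_stripe)):
        chunks = [padded[i:i + chunk] for i in range(offset, offset + per_stripe, chunk)]
        data_chunks = iter(chunks)
        for disk in range(n_disks):
            is_parity = disk == parity_disk_for(stripe, n_disks)
            disks[disk].append(xor_blocks(chunks) if is_parity else next(data_chunks))
    return disks

def rebuild_disk(disks, failed):
    """Recompute the failed disk chunk by chunk by XORing the surviving disks."""
    survivors = [d for i, d in enumerate(disks) if i != failed]
    if any(d is None for d in survivors):
        raise RuntimeError("more than one disk lost: RAID 5 cannot reconstruct the data")
    return [xor_blocks(chunks) for chunks in zip(*survivors)]

def read_volume(disks, length):
    """Concatenate the data chunks of a complete array, skipping each stripe's parity."""
    out = bytearray()
    for stripe in range(len(disks[0])):
        for disk in range(len(disks)):
            if disk != parity_disk_for(stripe, len(disks)):
                out += disks[disk][stripe]
    return bytes(out[:length])

if __name__ == "__main__":
    payload = b"constructed sample data written to the array"
    array = write_stripes(payload, n_disks=3)
    array[1] = None                            # simulate a single disk failure
    array[1] = rebuild_disk(array, failed=1)   # rebuild onto the replacement disk
    print(read_volume(array, len(payload)))
    print(usable_capacity_gb(5, [80, 80, 80]), "GB usable")
```

Losing a second disk before the rebuild completes makes `rebuild_disk` raise, which is the case where only a backup can restore the data.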

RAID CONFIGURATION OPTIONS


It is possible to implement RAID using either hardware or software. 


HARDWARE RAID 


A hardware RAID solution means that creating volumes from an array of physical 
disks is an operation supported by a plug-in controller card or by the motherboard, 
independently of the installed operating system. Hardware solutions are principally 
differentiated by their support for RAID levels. Entry-level controllers might support 
only RAID 0 or RAID 1, whereas mid-level controllers might add support for RAID 5 and 
RAID 10. 


In addition, hardware RAID is often able to hot swap a damaged disk (replace the failed 
unit without shutting down Windows), thereby keeping the system operational all the 
time. Hot swapping is a feature of high-end hardware RAID solutions and requires a 
compatible controller and disk units. When the new disk is installed, the RAID 
controller transparently synchronizes it with the remaining disks in the set. 


On the downside, hardware RAID is more expensive than a software solution and may 
lock you into a single vendor solution. 


Modern low cost RAID solutions may use the SATA interface whereas Serial Attached 
SCSI (SAS) is a popular technology for server-class machines. 


The array is normally configured by launching the firmware configuration utility by 
pressing the appropriate key combination during startup. Sometimes a RAID controller 
configuration tool is available from within the OS, too. 




Configuring a volume using RAID controller firmware. 


SOFTWARE RAID 


Windows provides the option to set up software-based RAID using standard disks and 
controllers. Windows Server and Windows client Professional/Enterprise editions 
support fault tolerant mirroring (RAID 1) and striping with parity (RAID 5) arrays. In a
software solution, internal disks using different types of interface can be combined in 
an array but USB- or Thunderbolt-connected external drives are usually not supported. 
All editions of Windows 10, however, come with the Storage Spaces feature, which 
provides mirroring and parity-based RAID-like functionality with USB-connected and 
other external drive types. Linux® can use the Logical Volume Manager (LVM) to 
implement most RAID levels. 

HOT SWAP

A system configured for RAID might support hot swappable drives. While this is
usually a server-level feature, it might be implemented on high-end workstations. 
Rather than using cabled connectors, hot swappable drives plug (or "mate") into a 
combined data and power port on the enclosure. This means that drives can be easily 
added and removed from the front of the case without having to open the chassis. The 
drives are secured and released from the enclosure using a latch. 


Media server with hot swappable hard drives. (Image © 123RF.com.) 

Activity 3-6


Discussing RAID Configuration 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. If you have a computer with three hard disks, what type of RAID fault-tolerant
configuration will make best use of them?


2. You are configuring four 120 GB drives in a RAID 5 array. 


How much space will be available? 


3. What is the minimum number of disks required to implement RAID 10 and 
how much of the disks' total capacity will be available for the volume? 

Topic E


Troubleshoot Storage Devices 


EXAM OBJECTIVES COVERED 
1001-5.3 Given a scenario, troubleshoot hard drives and RAID arrays.


End users rely on the hard drives in their PCs to store important system information 
and personal or professional data and files. Without a hard drive that works properly, 
the computer system is essentially worthless. As a CompTIA A+ technician, you will 
likely be called upon to fix or troubleshoot common problems with hard drives and 
other storage devices. 


DISK FAILURES 


Hard disk drives are most likely to fail due to mechanical problems either in the first 
few months of operation or after a few years, when they begin to reach the end of 
their useful life. Sudden loss of power can also damage a disk, especially if it is in the 
middle of a read/write operation. 


A hard drive that is failing might display the following symptoms: 

* Read/write failure. When you are trying to open or save a file, an error message 
such as "Cannot read from the source disk" is displayed. 

* Blue Screen of Death (BSoD). A failing hard disk and file corruption may cause a 
particularly severe read/write failure, resulting in system STOP errors (a crash 
screen). 

* Bad sectors. When you run the chkdsk /r program it can test the surface of the
hard disk. If more bad sectors are located each time the test is run, it is a sure sign 
that the disk is about to fail. 


Note: Use the Check Disk utility regularly to check that the drive is in good condition. 
chkdsk /f will fix file system errors but will not identify bad sectors.


* Constant LED activity. Disk thrashing can be a sign that there is not enough 
system RAM as data is continually moved between RAM and the pagefile. 

* Noise. A healthy hard disk makes a certain low-level noise when accessing the 
platters. A loud or grinding noise or any sort of clicking is a sign of a problem. 


When experiencing any of these symptoms, replace the disk as soon as possible to 
minimize the risk of data loss. 


DISK INTEGRITY TESTING 


You can use the Windows chkdsk utility to verify the integrity of a formatted disk. 
Most hard drives run a self-diagnostic program called S.M.A.R.T (Self-Monitoring, 
Analysis, and Reporting Technology) that can alert the operating system if reliability 
is compromised. In Windows, you can run the following command to perform a 
S.M.A.R.T check: 


wmic /node:localhost diskdrive get status 

If you suspect that a drive is failing, you should try to run more advanced diagnostic
tests on the drive. Most hard drive vendors supply utilities for testing drives or there 
may be a system diagnostics program supplied with the computer system. 




Using system diagnostics software to test a hard drive. 


You can also use Windows utilities to query S.M.A.R.T. and run manual tests. 




Viewing S.M.A.R.T. information via the SpeedFan utility. 

BOOT FAILURES


If the hard drive is not detected at boot (or if a second hard drive is not shown under 
Windows), first check that it is powering up. Drive activity is usually indicated by an LED 
on the front panel of the system unit case. If this is inactive, check that the drive has a 
power connector attached. If the PC has no LEDs, or you suspect that they may be 
faulty, it is usually possible to hear the hard drive spinning up. Once you have 
determined that the drive is powering up, try the following: 


* If the system is not booting correctly from the hard drive, check that the boot 
sequence is set correctly in the PC firmware system setup program and that there 
are no removable disks in floppy or optical drives. 

* Check that data cables are not damaged and that they are correctly connected to
the drive.

* If the drives are connected to a motherboard port, check that it has not been
disabled by a jumper or via system setup.


Once you have determined that the drive configuration is correct, try the following. If a 
boot hard drive is detected by the firmware hardware check (Power On Self-Test 
[POST]) but not by Windows (for example, if you get an error such as "OS not found"), 
there is probably a problem with the file system. Boot into the recovery environment 
using the Windows setup disc and enter C: at the command prompt. If this produces
the error message Invalid media type, the disk has no valid file system structure on it.
This may be caused by surface errors or by a virus. You may be able to recover from
this by running the bootrec tool at a boot command prompt or by reformatting the
disk (at the expense of any data, of course). 


If you enter C: at the command prompt and you see the error message Invalid drive
specification, the drive may have an invalid partition structure. You can check the
drive's partition structure with diskpart.


BOOT BLOCK REPAIR 


One of the unwelcome actions that malware can perform is to damage the boot 
information on the hard drive. There are two ways of formatting the boot information: 
MBR and GPT. 


* In the Master Boot Record (MBR) scheme, the MBR is located in the first sector of
the first partition. It contains information about the partitions on the disk plus some 
code that points to the location of the active boot sector. The Boot Sector is located 
either on the sector after the MBR or the first sector of each other partition. It 
describes the partition file system and contains the code that points to the method 
of booting the OS (the Boot Configuration Data store for a Windows system, or 
GRUB or LILO Linux boot managers). Each primary partition can contain a boot 
sector, but only one of them can be marked active. 

* With the Globally Unique ID (GUID) Partition Table (GPT) boot scheme, the boot
information is not restricted to a single sector, but still serves the same basic 
purpose of identifying partitions and boot loaders. GPT is associated with UEFI 
firmware, but can also be used by most legacy BIOS firmware if supported by the 
OS (32-bit Windows has problems booting from a combination of GPT and BIOS). 
GPT is not subject to the restrictions on number and size of partitions that limit 
MBR; there are still limits, but not ones that are likely to be reached in practice. 


Note: GPT often uses a "protective" MBR to prevent disk tools from overwriting the
GPT. 
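
To make the boot record checks concrete, the following added example (not part of the course text) inspects a 512-byte MBR sector for the conditions described above: a missing boot signature, the number of partitions marked active, and a GPT protective entry. The layout used (446 bytes of boot code, four 16-byte partition entries, the 0x55AA signature) is the standard MBR format; the sample sectors are constructed in the code and the function names are illustrative.

```python
import struct

SECTOR_SIZE = 512
PARTITION_TABLE_OFFSET = 446           # boot code occupies the first 446 bytes
BOOT_SIGNATURE = b"\x55\xaa"           # last two bytes of a valid MBR sector
GPT_PROTECTIVE = 0xEE                  # partition type of a GPT protective MBR entry
# status, 3 bytes CHS start (skipped), type, 3 bytes CHS end (skipped), first LBA, sector count
ENTRY = struct.Struct("<B3xB3xII")

def make_mbr(entries, signature=BOOT_SIGNATURE):
    """Build a constructed sample sector from (status, type, first_lba, sectors) tuples."""
    table = b"".join(ENTRY.pack(*entry) for entry in entries).ljust(64, b"\0")
    return bytes(PARTITION_TABLE_OFFSET) + table + signature

def inspect_mbr(sector):
    """Parse the partition table and list anything that would explain a boot error."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected one 512-byte sector")
    findings, partitions = [], []
    if sector[510:] != BOOT_SIGNATURE:
        findings.append("boot signature 0x55AA missing")
    for slot in range(4):
        offset = PARTITION_TABLE_OFFSET + 16 * slot
        status, ptype, first_lba, count = ENTRY.unpack_from(sector, offset)
        if ptype == 0:                 # type 0 marks an unused slot
            continue
        if status not in (0x00, 0x80):
            findings.append(f"slot {slot}: invalid status byte 0x{status:02x}")
        partitions.append({"slot": slot, "active": status == 0x80, "type": ptype,
                           "first_lba": first_lba, "sectors": count})
    scheme = "GPT" if any(p["type"] == GPT_PROTECTIVE for p in partitions) else "MBR"
    active = [p["slot"] for p in partitions if p["active"]]
    if not partitions:
        findings.append("partition table is empty")
    elif scheme == "MBR" and len(active) != 1:
        findings.append(
            f"{len(active)} partitions marked active (a BIOS boot disk needs exactly 1)")
    ordered = sorted(partitions, key=lambda p: p["first_lba"])
    for a, b in zip(ordered, ordered[1:]):
        if b["first_lba"] < a["first_lba"] + a["sectors"]:
            findings.append(f"slots {a['slot']} and {b['slot']} overlap")
    return {"scheme": scheme, "partitions": partitions, "findings": findings}

if __name__ == "__main__":
    samples = {
        "healthy MBR disk": make_mbr([(0x80, 0x07, 2048, 204800),
                                      (0x00, 0x07, 206848, 1000000)]),
        "two active partitions": make_mbr([(0x80, 0x07, 2048, 1000),
                                           (0x80, 0x07, 4096, 1000)]),
        "GPT protective MBR": make_mbr([(0x00, GPT_PROTECTIVE, 1, 0xFFFFFFFF)]),
        "overwritten sector": bytes(SECTOR_SIZE),
    }
    for name, sector in samples.items():
        result = inspect_mbr(sector)
        print(f"{name}: scheme={result['scheme']} findings={result['findings'] or 'none'}")
```

Running the same check against a saved copy of a known-good sector makes it easy to see what changed after suspected boot record damage.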


Whether the disk is using an MBR or GPT partitioning scheme, damage to these 
records results in boot errors such as "OS not found" or "Invalid drive specification." If 
this problem has been caused by a virus (it can also occur due to disk corruption or
installing operating systems with conflicting boot loaders in multiboot configurations), 
the best way to resolve it is to use the boot disk option in your antivirus software. This 
will include a basic antivirus scanner that may detect the virus that caused the problem 
in the first place. 


If you don't have the option of using a recovery disk created by the antivirus software, 
you can try to use the repair options that come with the Windows product disk. Be 
aware that these may not work completely reliably if the system is still infected with a 
virus. 


1. Boot from the product disk and select the Repair option. 


2. First, try to use the Startup Repair option. If this does not work, select the 
Command Prompt option. 


* Enter bootrec /fixmbr to attempt repair of the MBR.
* Enter bootrec /fixboot to attempt repair of the boot sector.
* Enter bootrec /rebuildbcd to add missing Windows installations to
the Boot Configuration Database (BCD).
3. Restart the PC. 


Note: These tools may not be suitable for use with multiboot configurations if one of the 
other OSes has created a non-standard partition table. 


FILE RECOVERY OPTIONS 


If the computer will not boot from a hard disk, you may want to try to recover data 
from it. To do this, you will usually need to remove the drive from its internal enclosure 
and connect it to another PC. Use a driver that matches the type (flat,
crosshead/crosspoint/Phillips, or star/Torx) and size of screw to avoid damaging the screw heads
or threads. 


External enclosure kits are available to provide the data and power connectors 
required. The enclosure will then generally be interfaced to the PC via a USB port and 
the disk can be mounted using Disk Management (if it is in a state to be recognized by 
Windows) or analyzed using file recovery software. 


If a file is corrupted, it may be possible to use software to rebuild it (or at least, to 
recover some data from it). chkdsk restores file fragments from bad sectors to the 
root of the volume (as filennnn.chk files), but these are rarely directly usable.
Third-party file recovery software is available and can be more successful.


Using file recovery software to scan a disk. 


DISK PERFORMANCE ISSUES 


Slow disk performance is often a bottleneck for modern computer systems. In this 
case, the best solution may be to add more RAM rather than replace the disk or to 
upgrade the disk to an SSD or hybrid drive. 


Disk performance can be improved by ensuring that file fragmentation is minimized. 
Disk defragmentation is a process whereby the contents of a disk are moved around 
to optimize disk access times. The components of a file (known as clusters) are placed 
adjacent on the disk surface (they are said to be contiguous). Windows normally tries 
to run the defragmenter periodically as a scheduled task, but this process can be 
interrupted by user file access requests. It may be necessary to run the tool manually 
during a "downtime" period. 


Low disk capacity can also be a cause of slow performance. When a disk is 90% full, its 
capacity meter is shown in red in Explorer. Windows warns the user via the notification 
area when disk space is critically low (below 200 MB). If the disk continues to be filled 
up, system performance will be very severely impacted. You can use the Disk Cleanup 
program to free up space, but the user may have to take manual steps, such as moving 
or deleting files, uninstalling unnecessary applications, and so on. 


GUIDELINES FOR TROUBLESHOOTING OPTICAL DRIVES 


Consider these guidelines when troubleshooting optical drives. 


GENERAL TROUBLESHOOTING TIPS FOR OPTICAL DRIVES 


Here are some general guidelines for troubleshooting optical drives: 


* Optical drives such as CD, DVD, and Blu-ray drives can generally go for a very long 
time between failures. This is because the part of the drive that reads the disc does 
not actually touch the disc. All reading (and writing with recordable and re-writable 
media) is done using lasers. This means that the read/write "heads" are not as likely 
to get dirty as with magnetic media drives such as floppy drives, where the
read/write heads commonly touch the disc. However, discs do get dirty and carry that dirt
inside the optical drive. Special cleaning kits are available for cleaning optical drives 
if read/write problems are experienced. Most problems related to dirt, though, are 
caused by dirt on the disc itself. 

* Support for CD drives is built into Windows. If your CD drive is not able to read CDs 
at all, it is likely to be a hardware problem. 

* DVD-Video requires MPEG decoding hardware or software (codecs) to be installed 
for playback. This is supplied with Vista Home Premium and Ultimate editions and 
in each edition of Windows 7 except Starter and Home Basic. Windows 8 requires 
third-party software to be installed. Remember also that a DVD-ROM cannot be 
read from a CD-ROM drive. 

* There is currently no native support for Blu-ray in any version of Windows, but the 
drive should be bundled with the appropriate codecs and software. 


TROUBLESHOOTING CD/DVD/BD WRITING 

Here are some guidelines for troubleshooting write errors on optical discs: 

* Where Windows does not support a particular recordable or rewritable format
directly, third-party software is required. 

* Some writable media are not manufactured to the highest possible standards, so 
errors during CD or DVD write operations can be quite common. Check that you are 
using the write speed recommended for the brand of discs you have purchased. If 
the error is persistent, however, it is not due to the media. 

* Most problems are connected to buffer underruns. On older devices, once the 
writing process starts, it cannot be paused. Therefore, if the OS does not supply 
data to the burner's buffer quickly enough, errors will be introduced into the disc's 
layout. The following solutions can usually be applied: 

* Try burning discs at a lower write speed. 
* Copy source files to the local hard disk (rather than removable or network 
drives). 
* Do not use other applications when burning a disc. 
* The latest CD and DVD writers usually ship with buffer underrun protection. 


COMMON RAID CONFIGURATION ISSUES 


RAID is usually a means of protecting data against the risk of a hard disk drive failing. 
The data is either copied to a second drive (mirroring) or additional information is 
recorded on multiple drives to enable them to recover from a device failure (parity). 
RAID can be implemented using hardware controllers or features of the operating 
system. However, you might encounter the following issues with RAID systems: 


* RAID not found. 
* RAID stops working. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


GUIDELINES FOR TROUBLESHOOTING RAID ISSUES 


Here are some guidelines to consider when you are troubleshooting RAID issues. 


TROUBLESHOOT RAID ISSUES 


Consider these guidelines as you troubleshoot RAID issues: 
* If Windows does not detect a RAID array during setup or at boot time: 
* Check that the drivers for the RAID controller are installed and use the RAID
configuration utility to verify its status. 




Boot message indicating a problem with the RAID volume—press Ctrl+C to start the utility and 
troubleshoot. 
* If you cannot access the configuration utility, then the controller itself could have
failed.


* If RAID stops working: 


* One of the purposes of using RAID (or at least RAID 1/5/10) is that it is much less 
likely than a simple disk system to just "stop working." If one of the underlying 
disks fails, the volume will be listed as "degraded," but the data on the volume 
will still be accessible. 


Note: RAID 0 has no redundancy, so if one of the disks fails, it will stop working. In 
this scenario, you had better hope that you have a recent data backup. 


* The precise process for managing a disk failure with an array will be dependent 
on the vendor that supplied the array and the configuration being supported. All 
array controllers will be capable of generating an event to the OS system log and 
perhaps of generating an alert message for the administrator. 




RAID errors using the configuration utility - this volume is missing one of its disks. 

* Most desktop-level RAID solutions can tolerate the loss of only one disk, so it 
should be replaced as soon as possible. If the array supports hot swapping, then 
the new disk can simply be inserted into the chassis of the computer or disk 
chassis. Once this is done, the array can be rebuilt using the RAID configuration 
utility (if a hardware RAID controller is used) or Disk Management (if you are 
using dynamic disks to implement "software" RAID). Note that the rebuilding 
process is likely to severely affect performance as the controller is likely to be 
writing multiple gigabytes of data to the new disk. 


Note: When hot swapping a faulty disk out, take extreme caution not to remove a
healthy disk from the array as making a mistake could cause the array to fail,
depending on the configuration. Disk failure is normally indicated by a red LED.
Always make a backup beforehand.


* If a volume is not available, either more than the tolerated number of disks has
failed or the controller has failed. If the boot volume is affected, then the 
operating system will not start. If too many disks have failed, you will have to 
turn to the latest backup or try to use file recovery solutions. If the issue is 
controller failure, then data on the volume should be recoverable, though there 
may be file corruption if a write operation was interrupted by the failure. Either 
install a new controller or import the disks into another system. 



Activity 3-7


Discussing Storage Device Troubleshooting


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. A user complains that a "Buffer underrun" error keeps occurring when they try to 
write to recordable DVDs. 


What would you suggest? 


2. You are trying to install Windows from the setup disc, but the computer will not 
boot from the CD. 


What should you do? 


3. If you experience an error such as "BCD missing" when booting the
computer, what action could you take? 


4. A user reports hearing noises from the hard disk—does this indicate it is 
failing and should be replaced? 


5. A PC displays the message "Invalid media type" when you try to access it from a
command prompt. 


What is the likely cause and how might you attempt to fix it? 


6. A user reports that there is a loud clicking noise when she tries to save a file.


What should be your first troubleshooting step? 

7. You are investigating a disk problem. The system can no longer access the C:
drive.


What command could you use to try to repair the error?


8. A RAID utility reports that the volume is degraded.
What should you do? 

Activity 3-8


Troubleshooting Storage Devices 


BEFORE YOU BEGIN 


To simulate the first issue, your instructor will introduce a drive problem on your 
system. 


SCENARIO 


In this activity, you will troubleshoot different issues relating to hard drives. 


1. A user has reported that her computer cannot boot and is getting an error 
message at POST. Diagnose and correct the issue. 
a) Reproduce the problem by booting the computer and observing the error. Listen to 
determine if the drive is spinning up during POST. 
b) Access the firmware setup program to check that the drive port is enabled. 


c) Power off the computer, disconnect any cabling, and then open the case. Verify that 
the drive data cable and power cable are properly connected. 


d) If nothing else corrects the problem, replace the drive. 


2. Another user has reported that there are grinding noises coming from her 
computer case. Once you take a closer look, you suspect that it is the hard drive. 


What is the possible cause and solution to this type of issue? 
O The hard drive is physically damaged, so the drive must be replaced. 


O A virus has attacked the hard drive, so you can use antivirus software to mitigate the 
issues.


O Data is corrupt on the drive, and the PC has not been shut down correctly. 


3. When a user tries to access the hard drive containing his data, the system locks up 
and makes a clicking sound. From the command prompt, he can change to drive 
D, but when he tries to access a file or list the files on the drive, it locks up and 
begins clicking again. 


What is the most likely cause of the problem? 

What steps might you take to attempt to resolve this problem?


4. A user reports that some of his folders have begun disappearing and some folder
and file names are scrambled with strange characters in their names. 


What is the most likely cause of the problem? 


What steps might you take to attempt to resolve this problem? 

Summary


In this lesson, you installed, configured, and performed troubleshooting on various 
types of storage devices. The ability to support users in their need to store and retrieve 
essential data is an integral part of an A+ technician's job duties. 


Which types of storage devices have you worked with? Have you installed 
additional hard drives or replaced hard drives? 


What sorts of issues have you experienced with storage devices? How will the
troubleshooting tools and guidelines presented in this lesson help with future
issues?


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 

Lesson 4


Installing, Configuring, and Troubleshooting 
Internal System Components 


LESSON INTRODUCTION 


As a CompTIA® A+® technician, you are not only responsible for the components outside the 
system unit, but all the internal components as well. On the job, you may be asked to connect 
peripheral components for a user, or you may be asked to swap out a motherboard. 


Having the knowledge and skills to properly install and configure the internal system components 
is crucial because, in most cases, users will not have the knowledge or the experience to install the 
components themselves. It will be your professional responsibility to know the technical 
specifications for these components and how to manage them appropriately. 


LESSON OBJECTIVES 

In this lesson, you will: 

* Select and install a CPU to upgrade or repair a computer system. 
* Configure and update BIOS and UEFI. 

* Install power supplies. 

* Troubleshoot internal system components. 


* Configure a custom PC. 

Topic A


Install and Upgrade CPUs 


EXAM OBJECTIVES COVERED 
1001-3.5 Given a scenario, install and configure motherboards, CPUs, and add-on cards.


In this topic, you will examine the types and features of CPUs and cooling systems. 
Much like the motherboard, the CPU is another important component of the computer 
system that actually carries out all the tasks requested by the applications installed in 
the computer. The CPU is a heat generator, so part of understanding the CPU includes 
understanding how to manage heat inside the computer case by managing the airflow 
and temperature. Keeping the system cool is an easy but important way to maintain or 
even increase its productivity. A computer that runs too hot risks damaging its own 
components. As an A+ technician, you need to be familiar with these essential 
components of the computer system. 


CPU 


The Central Processing Unit (CPU), or simply the processor, executes program 
instruction code, performs mathematical and logical calculations, and controls
Input/Output (I/O) functions. The CPU is commonly described as the "brains" of a computer;
in fact, it is better thought of as a very efficient sorting office. The CPU cannot think, 
but it can process simple instructions very, very quickly and efficiently. A computer is 
only as "clever" as its software. 


PC processors are produced by Intel® or other manufacturers who use the Intel 
instruction set and whose processors are, therefore, IBM® PC (or x86) compatible. 
Currently, only AMD (Advanced Micro Devices) falls into this category. 


CPU MANUFACTURING PROCESS 
Note: This information is provided for reference; it is not part of the exam objectives. 


A microprocessor is a programmable integrated circuit (IC). An IC is a silicon chip 
embedded on a ceramic plate. A silicon chip is a wafer of purified silicon doped with a 
metal oxide (typically copper or aluminum). This doping process creates millions of 
transistors and signal pathways within an area called the die. These transistors provide 
the electrical on/off states that are the basis of binary computer systems. 


The process used to create the transistors is referred to as an n-micron or 
n-nanometer (nm) process, reflecting the size of the features (a transistor for instance) 
that can be created. A micron is a millionth of a meter; a nanometer is a billionth of a 
meter. This process has developed from 1 micron (80486) to 0.014 micron (or 14 nm). 


Scaling down the process allows reduced voltages and therefore more speed with less 
heat. It also allows more components to be added to the same package, which has 
enabled innovations such as on-die cache, multicore CPUs, and on-die graphics 
processors. 
CPU ARCHITECTURES 


The CPU is designed to run software programs. When a software program runs 
(whether it be an operating system, BIOS firmware, antivirus utility, or word processing 
application), it is assembled into instructions utilizing the fundamental instruction set 
of the CPU and loaded into system memory. The CPU then performs the following 
operations on these instructions: 


1. The control unit fetches the next instruction in sequence from system memory to 
the pipeline. 

2. The control unit decodes each instruction in turn and either executes it itself or 
passes it to the Arithmetic Logic Unit (ALU) or Floating Point Unit (FPU) for 
execution. 

3. The result of the executed instruction is written back to a register or to system 
memory. A register is a temporary storage area available to the different units 
within the CPU. 


This overview is grossly simplified, of course. Over the years, many different internal 
architectures have been developed to optimize the process of fetch, decode, execute, 
and writeback, while retaining compatibility with the basic x86 instruction set, which 
defines a CPU as IBM PC compatible. 


INSTRUCTION SETS 


The instruction set used by IBM PC compatible CPUs is called x86-32 or IA-32 (Intel 
Architecture). The way the instructions are processed internally has been modified and 
optimized by various different CPU architectures, but otherwise the same platform has 
been in use for the last 30 years (IA-32 updated the 16-bit x86 instruction set, first 
launched in 1978). 


Up until a few years ago, CPUs were designed to run 32-bit code. This means that each 
instruction can be up to 32-bits in length. A 32-bit CPU's General Purpose (GP) 
registers are also 32-bits wide. However, since 2004, most desktop CPUs (and from 
2006, most laptop CPUs) released to the market have been capable of running 64-bit 
code. 


Note: 32-bit Pentium compatible CPUs feature additional larger registers for floating 
point calculations (80-bit) and SIMD processing (64- or 128-bit). They also feature a 64-bit 
data bus. It is the GP register size that makes a CPU 32- or 64-bit. 


Intel first developed a 64-bit instruction set for its Itanium server CPU platform in 2001. 
This platform (IA-64) has never gained acceptance in the PC market, however. AMD's 
64-bit instruction set (AMD64) has proved more popular and was adopted by Intel for 
its 64-bit desktop and mobile line. Intel refers to it as EM64T or Intel 64. The same 
instruction set is also called x86-64 or x64. 


The utilization of 64-bit CPU features by installing 64-bit operating systems took some 
time to grow, principally because of the lack of 64-bit drivers for peripheral devices. 
However, at this point, it is estimated that well over half of the Windows install base is 
64-bit. 


ADDRESSING 


The system bus between the CPU and memory consists of a data bus and an address 
bus. The width of the data bus (64-bit on all current CPUs) determines how much data 
can be transferred per clock cycle; the width of the address bus determines how many 
memory locations the PC can access. 
Note: In modern CPU designs, the bus is double or quad "pumped," meaning that there 
are two or four 64-bit transfers per clock cycle. Also, the memory architecture is likely to 
be multi-channel, meaning that there are two, three, or four 64-bit data paths operating 
simultaneously. 


The address bus for most 32-bit CPUs is either 32- or 36-bits wide. A 32-bit address bus 
can access a 4 GB address space; 36-bit expands that to 64 GB. In theory, a 64-bit CPU 
could implement a 64-bit address space (16 Exabytes). In practice, the current 
generation of x64 CPUs are "restricted" to 48-bit address spaces (256 TB) to reduce the 
complexity in remaining compatible with 32-bit software. 


CACHE 


A computer stores the data for the programs and files currently open in system 
memory. The CPU has registers to store instructions and data that it is processing. 
Instructions are moved in and out of these registers to the system memory. 


Cache is a small block of high-speed memory that enhances performance by 
pre-loading (caching) code and data from relatively slow system memory and passing it to 
the CPU on demand. Essentially, cache stores instructions and data that the CPU is 
using regularly. 

In early CPU designs, cache was implemented as a separate chip on the motherboard, 
but almost all new CPUs incorporate most types of cache as features on the CPU itself 
(on die). Cache is designed in multiple levels. Level 1 cache is "closest" to the CPU and 
supports the fastest access. Level 2 cache is typically larger and a bit slower while Level 
3 and Level 4 cache, if used, are larger and possibly a bit slower still. 


HYPERTHREADING 


One way to make instruction execution more efficient is to improve the way the 
pipeline works. The basic approach is to do the most amount of work possible in a 
single clock cycle (multitasking). There are various ways to achieve this goal, though. 


* Superpipelining. CPUs process multiple instructions at the same time (for example, 
while one instruction is fetched, another is being decoded, another is being 
executed, and another is being written back to memory). This is referred to as a 
superscalar architecture, as multiple execution units are required. Superscalar 
architectures also feature longer pipelines with multiple stages but shorter actions 
(micro-ops) at each stage, referred to as superpipelining. 


The original Pentium® had a 5-stage pipeline; by contrast, the Pentium 4 has up to 
31 stages (NetBurst® architecture). NetBurst actually proved relatively inefficient in 
terms of power and thermal performance, so Intel reverted to a modified form of 
the P6 architecture it used in Pentium IIs and IIIs for its "Core" brand CPUs (with 
around 14 stages). 

* Multithreading. Another approach is Simultaneous Multithreading (SMT), called 
HyperThreading (HT) or HyperThreading Technology (HTT) by Intel. 


A thread is a stream of instructions generated by a software application. Most 
applications run a single process in a single thread; software that runs multiple 
parallel threads within a process is said to be multithreaded. SMT allows the 
threads to run through the CPU at the same time. It duplicates many of the 
registers of the CPU. This reduces the amount of "idle time" the CPU spends waiting 
for new instructions to process. To the OS, it seems as though there are two or 
more CPUs installed. 


The main drawback of SMT is that it works best with multithreaded software. As this 
software is more difficult to design, it tends to be restricted to programs designed 
to run on servers. Desktop applications software often cannot take full advantage. 
MULTIPROCESSING AND MULTICORE PROCESSORS 


Yet another approach to making a computer system faster is to use two or more 
physical CPUs, referred to as Symmetric Multiprocessing (SMP). An SMP-aware OS 
can then make efficient use of the processing resources available to run application 
processes on whichever CPU is "available." This approach is not dependent on 
software applications being multithreaded to deliver performance benefits. 
Traditionally, SMP was provided by physically installing two or more CPUs in a 
multi-socket motherboard. Obviously, this adds significantly to the cost and so is 
implemented more often on servers and high-end workstations. 


However, improvements in CPU manufacturing techniques have led to another 
solution: dual-core CPUs, or Chip Level Multiprocessing (CMP). A dual-core CPU is 
essentially two processors combined on the same die. The market has quickly moved 
beyond dual-core CPUs to multicore packages with 3, 4, 8, or more processors. 


Note: Most mainstream CPU models are now multicore. Single-core CPUs are still 
produced for the lowest budget models but manufacturing volumes mean that multicore 
CPUs are at the point of being cheaper to produce than single-core ones. 


CLOCK SPEED 


Despite the architectural features just discussed, the speed at which the CPU runs is 
generally seen as a key indicator of performance. This is certainly true when comparing 
CPUs with the same architecture but is not necessarily the case otherwise. Intel Core 2 
CPUs run slower than Pentium 4s, but deliver better performance. Budget and low 
power models will work at around 1-2 GHz while premium models will run at 3-4 GHz. 


The core clock speed is the speed at which the CPU runs internal processes and 
accesses L1 and L2 cache (L2 cache access speed actually depends on the CPU 
architecture, but full-speed access to L2 cache has been standard for some time). The 
Front Side Bus (FSB) speed is the speed of the interface between the CPU and system memory. 


OVERCLOCKING 


When a manufacturer releases a new chip, it sets an optimum clock speed based on 
systems testing. This clock speed will be set at a level where damage to the chip is not 
likely to occur during normal operation. Increasing this speed (overclocking) is done 
using the system setup firmware program by adjusting the CPU Speed or Advanced 
Chipset Features properties. You can either increase the core clock speed (multiplier) 
or the FSB speed (overclocking the memory chips) or both. Increasing the clock speed 
requires more power and generates more heat. Therefore, an overclocked system 
must have a suitable power supply and sufficient cooling. The operating environment 
(the warmth of the room and build-up of dust) must also be quite carefully controlled. 


Overclocking is generally performed by hobbyists and games enthusiasts but it is also 
a means to build a PC more cheaply by specifying lower cost components, then 
boosting their performance. 


Without cooling, overclocking increases the risk of thermal damage to components and 
may increase the frequency of system lockups. It also invalidates the warranty. Original 
Equipment Manufacturers (OEM) generally try to prevent overclocking in their PC 
systems by disabling custom settings in the computer's system setup program. 


A CPU may also run at a lower actual speed than it is capable of if it is put in a power 
saving mode. 
POWER MANAGEMENT (THROTTLING) 


Rising energy costs and environmental legislation are placing power efficiency at the 
top of the agenda for IT buyers. In terms of CPU performance, more speed means 
greater power consumption and heat production. To deal with these issues, CPUs can 
implement power management to enter lower power states, referred to as throttling. 


Another aspect of power management is protection for the CPU. If a processor runs 
too hot, the system can become unstable or damage can occur. CPUs provide routines 
to reduce performance to protect against overheating. 


OTHER CPU FEATURES 


Two other features of modern CPUs need to be covered here. These support the use of 
virtualization and power-efficient graphics capability. 


* Virtualization extensions. Virtualization software allows a single computer to run 
multiple operating systems or Virtual Machines (VM). Intel's Virtualization 
Technology (VT) and AMD's AMD-V provide processor extensions to support 
virtualization, also referred to as hardware-assisted virtualization. This makes the 
VMs run much more quickly. These extensions are usually features of premium 
models in a given processor range. 


There is also a second generation of virtualization extensions to support Second 
Level Address Translation (SLAT), a feature of virtualization software designed to 
improve the management of virtual (paged) memory. These extensions are referred 
to as Extended Page Table (EPT) by Intel and Rapid Virtualization Indexing (RVI) 
by AMD. 

* Integrated GPU. Most computer systems provide some sort of built-in graphics 
adapter. Initially, an integrated GPU would be implemented as part of the 
motherboard chipset; Intel's Graphics Media Accelerator, for instance. Nowadays, it 
is more likely that an integrated GPU, or Integrated Graphics Processor (IGP), will be 
part of the CPU (Intel HD Graphics, for example). 
Apart from cost, an IGP is more power-efficient than a dedicated card. Some laptop 
systems with both an IGP and a dedicated card are capable of switching 
automatically between them (NVIDIA Optimus and ATI Hybrid Graphics 
technologies), depending on whether an application requires advanced 3D 
performance or not, to conserve battery life. 

NVIDIA's control panel allows the system to select a graphics processor depending on application 
requirements. 
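
The CPU features covered in this topic (64-bit support, SMT/HyperThreading, address widths, and the virtualization and SLAT extensions) can be read back from the operating system. The following is an added example, not part of the original course material: it parses Linux /proc/cpuinfo text, the sample input is constructed, and the function names are this example's own.

```python
"""Audit CPU features from Linux /proc/cpuinfo-style text (added example)."""
import os

# Constructed sample in /proc/cpuinfo format for one logical CPU of a
# 4-core, 8-thread x86-64 part. The values are illustrative, not captured.
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: GenuineIntel
model name\t: Example x86-64 CPU (constructed sample)
physical id\t: 0
siblings\t: 8
cpu cores\t: 4
flags\t\t: fpu vme de pse msr pae mmx sse sse2 ht lm vmx ept aes avx avx2
address sizes\t: 39 bits physical, 48 bits virtual
"""

# Linux flag names for the extensions described in the text.
VIRT_FLAGS = {"vmx": "Intel VT-x", "svm": "AMD-V"}
SLAT_FLAGS = {"ept": "Intel EPT", "npt": "AMD RVI (NPT)"}


def parse_first_cpu(text):
    """Return the key/value fields of the first logical CPU block."""
    fields = {}
    for line in text.splitlines():
        if not line.strip():
            if fields:
                break  # a blank line ends the first processor block
            continue
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def parse_address_sizes(value):
    """Turn '39 bits physical, 48 bits virtual' into a dict of bit widths."""
    sizes = {}
    for part in value.split(","):
        words = part.split()
        if len(words) == 3 and words[0].isdigit() and words[1] == "bits":
            sizes[words[2]] = int(words[0])
    return sizes


def first_match(flags, table):
    """Return the vendor name of the first flag from table that is present."""
    for flag, name in table.items():
        if flag in flags:
            return name
    return None


def audit(text):
    """Summarize the CPU features this topic discusses."""
    cpu = parse_first_cpu(text)
    flags = set(cpu.get("flags", "").split())
    cores = int(cpu.get("cpu cores", 1))
    siblings = int(cpu.get("siblings", cores))  # logical CPUs per package
    sizes = parse_address_sizes(cpu.get("address sizes", ""))
    return {
        "model": cpu.get("model name", "unknown"),
        "x86_64": "lm" in flags,  # "long mode" = 64-bit capable
        "virtualization": first_match(flags, VIRT_FLAGS),
        "slat": first_match(flags, SLAT_FLAGS),
        "cores": cores,
        "logical_per_core": siblings // cores,
        "smt_active": siblings > cores,  # more logical CPUs than cores
        # An n-bit address width can reach 2**n byte locations.
        "virtual_space_bytes": 2 ** sizes["virtual"] if "virtual" in sizes else None,
        "physical_space_bytes": 2 ** sizes["physical"] if "physical" in sizes else None,
    }


if __name__ == "__main__":
    path = "/proc/cpuinfo"
    if os.path.exists(path):
        with open(path) as handle:
            source = handle.read()
    else:
        source = SAMPLE_CPUINFO  # fall back to the constructed sample
    for key, value in audit(source).items():
        print(f"{key:22} {value}")
```
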


CPU PACKAGING AND COMPATIBILITY 


There have been numerous CPU architectures, and within each architecture, a number 
of different models, and for each set of models, a brand to position them within a 
particular market segment. CPU packaging refers to the CPU's form factor and how it 
is connected to the motherboard. Intel and AMD use different socket types so you will 
never be able to install an AMD CPU in a motherboard designed for an Intel CPU (and 
vice versa). Additionally, within Intel's and AMD's own ranges, a given CPU socket type 
will only be compatible with a fairly limited number of CPU models. 


The following tables summarize some of the various CPU models and socket types that 
have been used over the years. Note that the supported desktop processors and 
memory are illustrative rather than definitive. For more up-to-date information, visit a 
site such as CPU World, Tom's Hardware, or AnandTech. 


INTEL CPU RANGES AND SOCKET TYPES 


Brand Name    Description 

Core®         This is Intel's flagship desktop and mobile CPU series. The 
              earliest models (Core Solo and Core Duo) were laptop-only 
              chips. The Core 2 series introduced desktop versions plus 
              64-bit and multicore support. The current range is divided 
              into Core i3, i5, and i7 brands, with i7 representing the 
              best performing models. The Core iX range has been 
              based on successive generations of microarchitectures, 
              named Nehalem, Sandy Bridge, Ivy Bridge, Haswell, 
              Broadwell, and Skylake. 

Pentium®      The Pentium used to be Intel's premium 32-bit CPU brand 
              and you may still find Pentium 4-based computers in use. 
              The Pentium brand has been reintroduced to represent 
              "mid-range" CPU models based on the Core 
              microarchitecture. 

Celeron®      This has long been Intel's budget brand. 

Atom®         This brand designates chips designed for low-power 
              portable devices (smartphones and tablets). 

Xeon®         This brand is aimed at the server/workstation market. 
              Current Xeons are often differentiated from their Core 
              counterparts by supporting n-way multiprocessing and 
              ECC memory and coming with larger caches. 


Intel uses Land Grid Array (LGA) form factor CPUs. In LGA, the pins that connect the 
CPU and socket are located on the socket. This reduces the likelihood of damage to the 
CPU but increases the chance of damaging the motherboard. 
GIGA-BYTE Z97X Gaming motherboard with Intel Socket 1150. (Image © Gigabyte.) 


AMD CPU RANGES AND SOCKET TYPES 


Older AMD brands such as Athlon™, Phenom™, Sempron™, and Turion™ have been 
phased out over the last few years. The following brands represent the company's Zen 
microarchitecture in different segments: 


* Ryzen™/Threadripper™ and Ryzen Mobile—this brand now represents AMD's pitch 
for the high-end enthusiast segment, replacing older AMD FX chips. 

* Epyc™—AMD's server-class CPU brand, replacing its long-standing Opteron series of 
chips. 


AMD uses Pin Grid Array (PGA) form factor chips, designed to fit in a Zero Insertion 
Force (ZIF) socket on the motherboard. As the name suggests, a PGA chip has a 
number of pins on the underside of the processor. These plug into corresponding 
holes in the socket. Care must be taken to orient the CPU correctly with the socket and 
to insert it so as not to bend or break any of the pins. 
GIGA-BYTE motherboard with ZIF-type FM2+/FM2 socket for AMD CPUs. (Image © Gigabyte.) 


COOLING MECHANISMS 


Heat is a by-product of pushing electric current through the various electronic 
components in the computer. The faster the components work, the more heat is 
produced. Excessive temperatures can cause the components to malfunction or even 
damage them. One of the most significant problems with CPUs (and graphics cards) is 
their thermal output. While Intel and AMD are both focusing on making new CPU 
designs more thermally efficient, all CPUs require cooling. Also, a specific CPU model 
requires a specific cooling system as some run hotter than others (later Pentium 4s 
being a good example). 


HEAT SINKS AND THERMAL PASTE 

A heat sink is a block of copper or aluminum with fins. As the fins expose a larger 
surface area to the air around the component, a greater cooling effect by convection is 
achieved. Before attaching the heat sink, dots of thermal paste (also referred to as 
thermal grease or thermal compound) should be applied to the surface of the CPU so 
that placing the heat sink spreads the paste into a thin layer. At the microscopic level, 
when two solids touch, there are actually air gaps between them that act as insulation; 
the liquid thermally conductive compound gel fills these gaps to permit a more 
efficient transference of heat from the processor to the heat sink. 


A heat sink is a passive cooling device. Passive cooling means that it does not require 
extra energy (electricity) to work. In order to work well, a heat sink requires good 
airflow around the PC. It is important to try to keep "cable clutter" to a minimum. 
CPU heatsink and fan assembly. Note: When purchasing a CPU, most CPU fans included already have 
thermal paste applied to the bottom of the CPU fan. If there is no thermal paste applied or the CPU 
didn't come with a CPU fan, then you'll need to purchase a separate tube of thermal paste. (Image © 
123RF.com.) 


There are various mechanisms for clamping a CPU heat sink to the motherboard. 
There may be a retaining clip or push pins. Push pins can be released and reset for 
insertion by making a half turn with a screwdriver. 


FANS 


Many PCs have components that generate more heat than can be removed by passive 
cooling. A fan improves air flow and so helps to dissipate heat. Fans are used for the 
power supply and chassis exhaust points. The fan system will be designed to draw cool 
air from vents in the front of the case over the motherboard and expel warmed air 
from the back of the case. 


Note: A common implementation is to include air vents near the bottom of the front of 
the case and to place a fan near the top of the rear of the case to pull cooler air through 
the system. 


Typically, the speed of the fan is varied according to the temperature, and sensors are 
used to detect whether a fan has failed. Smaller fans may be used to improve the 
performance of the heat sink on the CPU, GPUs, and even hard disks. 


A fan is an active cooling device. It requires power to run. 


The main problem with fans, especially at the lower end of the market, is that they 
generate noise. A fan also needs to be matched to the CPU model to ensure that it is 
powerful enough to cope with the processor's thermal output. 


Most CPU fans are designed to be removed without the use of tools. Usually the fan 
assembly will have clips and a power connector. 


Some chassis designs incorporate a plastic shroud or system of baffles to cover the 
CPU and channel the flow of air. The shroud is usually attached to the case using 
plastic clips. 
HEAT PIPES AND SPREADERS 

A heat pipe is a sealed tube containing some type of coolant (water or ethanol). The 
liquid close to the heat source evaporates then condenses at a cooler point in the pipe 
and flows back towards the heat source. The cool parts of the pipe are kept so by 
convection. This mechanism is more effective than a simple heat sink and fan 
assembly. It is necessary for a CPU that runs particularly hot or where there is not 
much space for airflow within the chassis. A dual heat pipe has two tubes, providing 
better cooling. 


A heat spreader uses the same design but is a flat container rather than a pipe. This 
design is better suited to portable computers. If used without fans, heat pipes and 
spreaders are classed as passive cooling. 


LIQUID-BASED COOLING SYSTEMS 

PCs used for high-end gaming (those with twin graphics cards, for instance) and with 
overclocked components may generate more heat than basic thermal management 
can cope with. PCs used where the ambient temperature is very high may also require 
exceptional cooling measures. 


A liquid-cooled PC. (Image by Olivér Svéd © 123RF.com.) 


Liquid-based cooling refers to a system of pumping water around the chassis. Water is 
a much more effective coolant than air convection and a good pump can run more 
quietly than numerous fans. On the downside, liquid cooling makes maintenance and 
upgrades more difficult, requires comparatively more power to run, and is costly. 
Liquid cooling is an active cooling technology as the pump requires power to run. 


FANS AND POWER 

Power is supplied to a CPU or case fan by connecting its power connector to an 
appropriate header on the motherboard (make sure you plug the CPU fan into the 
header marked "CPU Fan" to ensure that the chipset can run the fan at an appropriate 
speed). Power connectors and headers for fans are 3-pin or 4-pin. 
* 3-pin models control fan speed by varying the voltage. 

* 4-pin models control fan speed by switching the voltage on and off (using a Pulse 
Width Modulation [PWM] signal carried by the fourth wire). This gives better control 
over fan speed. 


Fans with a 3-pin connector can usually be used with 4-pin headers but the system 
may not be able to vary the fan speed (or may need special configuration to be able to 
do so). A fan with a 4-pin connector will usually work with a 3-pin header but will not be 
able to use PWM. 


CPU INSTALLATION CONSIDERATIONS 


Before you replace a processor, you need to make sure you select a processor that 
matches the type of socket on the system board. Not all processors that use a 
particular socket will be compatible with your system; this is just one of several items 
you will need to check for compatibility. Also, when it comes to removing the CPU, 
there are several cooling device designs and socket types to deal with. 


If you are upgrading the CPU, check that the new model is supported by the 
motherboard. Use the motherboard manufacturer's website to get up-to-date 
information (for example, to find out about CPU models that were released after the 
motherboard's documentation was written). 


Note: Just because a motherboard has the correct socket type does not mean that a CPU 
model will be compatible. The motherboard must have a compatible chipset and voltage 
regulators, too. 


Pin 1 on the processor MUST match pin 1 on the processor socket. Both the processor 
and the socket carry distinguishing markings to indicate pin 1. On a processor, this may 
be: 

* A beveled corner or a white dot printed in one corner of the processor. 
* A square, rather than round, joint where one of the pins is connected to the 
underside of the processor. 
* A "spur" on one corner of the gold patch on the underside of the processor. 

On a processor socket, this may be: 

* A difference in the pattern of pin holes in one corner. 
* A "1" printed on the motherboard next to one corner. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Install and Upgrade Processors. 
Activity 4-1 


Discussing CPU Upgrades 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What limits upgrade potential for the system processor? 


2. How can CPU performance be improved? 


3. Why can cache improve performance? 


4. What does SMP mean? 


5. How is the heat sink and fan assembly attached, and what problems can 
occur releasing it? 


6. What must you check when inserting a PGA CPU chip? 


7. What is the difference between a heat sink and a heat pipe? 
Activity 4-2 


Planning for a CPU Upgrade 


BEFORE YOU BEGIN 
You will perform this activity at your WORKBENCH PC. 


SCENARIO 

You want to upgrade the CPU in your home PC. You need to make sure that the CPU 
you are installing will perform better than the one currently installed, and that it will 
work with the existing motherboard and other components. 


1. Use the Windows System Properties page and the CPUID CPU-Z utility to report 
system information and configuration. 
a) Check System Properties to confirm the type of CPU currently installed. 
b) Run the CPUID CPU-Z utility using its desktop shortcut and click Yes when prompted 
by User Account Control (UAC). 


The first tab shows information about the CPU. 


CPU-Z (ver. 1.85.0.x64), CPU tab: 

Processor 
  Name: Intel Xeon E3 1245 
  Code Name: Skylake 
  Max TDP: 80.0 W 
  Package: Socket 1151 LGA 
  Technology: 14nm 
  Core VID: 0.752 V 
  Specification: Intel® Xeon® CPU E3-1245 v5 @ 3.50GHz 
  Family: 6    Model: E    Stepping: 3 
  Ext. Family: 6    Ext. Model: 5E    Revision: R0 
  Instructions: MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, EM64T, AES, 
  AVX, AVX2, FMA3, TSX 

Clocks (Core #0) 
  Core Speed: 897.36 MHz 
  Multiplier: x 9.0 (8 - 39) 
  Bus Speed: 99.71 MHz 

Cache 
  L1 Data: 4 x 32 KBytes, 8-way 
  L1 Inst.: 4 x 32 KBytes, 8-way 
  Level 2: 4 x 256 KBytes, 4-way 
  Level 3: 8 MBytes, 16-way 

Cores: 4    Threads: 8 
c) Select the Caches tab. Cache helps the CPU "smooth" the flow of instructions fetched 
from system memory and make processing more efficient. Different CPU models 
come with different amounts of cache, arranged in levels. Level 1 cache is the fastest 
and usually the smallest. 


CPU-Z (ver. 1.85.0.x64), Caches tab: 

L1 D-Cache 
  Size: 32 KBytes x 4 
  Descriptor: 8-way set associative, 64-byte line size 
L1 I-Cache 
  Size: 32 KBytes x 4 
  Descriptor: 8-way set associative, 64-byte line size 
L2 Cache 
  Size: 256 KBytes x 4 
  Descriptor: 4-way set associative, 64-byte line size 
L3 Cache 
  Size: 8 MBytes 
  Descriptor: 16-way set associative, 64-byte line size 


d) Select the Mainboard tab. This shows information about the motherboard and 
system firmware vendor and model. 


CPU-Z (ver. 1.85.0.x64), Mainboard tab: 

Motherboard 
  Manufacturer: HP 
  Model: 802F 
  Chipset: Intel Skylake, Rev. 07 
  Southbridge: Intel ID A149, Rev. 31 
  LPCIO: SMSC 

BIOS 
  Brand: HP 
  Version: N51 Ver. 01.65 
  Date: 01/08/2018 

Graphic Interface 
  Version: PCI-Express 
  Link Width: x16    Max. Supported: x16 


2. Determine which CPUs would provide better performance in the PC. 
a) Using a vendor site such as http://processormatch.intel.com/, locate CPUs that are 
compatible with the motherboard and chipset. 


b) If available, review installation instructions for the replacement CPU. 
Topic B 


Configure and Update BIOS/UEFI 


EXAM OBJECTIVES COVERED 
1001-3.5 Given a scenario, install and configure motherboards, CPUs, and add-on cards. 


In PC support, you will often need to use the system setup program to check or modify 
firmware settings and to perform firmware updates. 


SYSTEM FIRMWARE 


Firmware straddles a gray area between hardware and software. Firmware is 
specialized software stored in memory chips that store information whether or not 
power to the computer is on. It is most often written on an electronically 
reprogrammable chip so that it can be updated with a special program to fix any errors 
that might be discovered after a computer is purchased, or to support updated 
hardware components. 


System firmware provides low-level code to allow the computer components to be 
initialized and load the main operating system software. 


BIOS 


For many years, the system firmware for a PC was called the BIOS (Basic Input/Output 
System). BIOS provides the industry standard program code that initializes the 
essential components of the PC and ensures that the design of each manufacturer's 
motherboard is PC compatible. 


UEFI 


Newer motherboards may use a different kind of firmware called Unified Extensible 
Firmware Interface (UEFI). UEFI provides support for 64-bit CPU operation at boot, a 
full GUI and mouse operation at boot, networking functionality at boot, and better 
boot security. A computer with UEFI may also support booting in a legacy BIOS mode. 


SYSTEM FIRMWARE SETUP PROGRAMS 


System settings can be configured via the system firmware setup program. This may 
also be referred to as CMOS setup, BIOS setup, or UEFI setup. 


Note: The term CMOS Setup is still widely used, even though the setup configuration is no 
longer stored within the CMOS RAM component. 


You can normally access the system setup program with a keystroke during the 
power-on (boot) process. The key combination used will vary from system to system; typical 
examples are Esc, Del, F1, F2, or F10. The PC's documentation will explain how to 
access the setup program; often a message with the required key is displayed when 
you boot the PC. 
F2 = System Setup 
F10 = System Services 
F11 = BIOS Boot Manager 
F12 = PXE Boot 

PowerEdge T310 
BIOS Revision 1.12.0 

Bootup access to system firmware setup. 


Note: One issue with modern computers is that the boot process can be very quick. If this 
is the case, you can Shift-click the Restart button from the Windows logon screen to 
access UEFI boot options. Alternatively, the motherboard vendor may supply a tool for 
disabling fast boot or accessing the setup program. 


You navigate a legacy BIOS setup program using the keyboard arrow keys. Pressing Esc 
generally returns to the previous screen. When closing setup, there will be an option to 
exit and discard changes or exit and save changes. Sometimes this is done with a key 
(Esc versus F10, for instance), but more often there is a prompt. There will also be an 
option for reloading the default settings, in case you want to discard any 
customizations you have made. 


A BIOS setup program. 


UEFI setup programs might feature a graphical interface and mouse support. 


A UEFI setup program. 


SYSTEM COMPONENT SETTINGS 


The system firmware setup program will contain information about core components 
such as the CPU, chipset, RAM, hard drive(s), optical drive(s), and the battery (on a 
laptop). 


CPU FEATURES 


There will be options for configuring features of the CPU, such as number of cores, 
cache, power performance, support for instruction set extensions that speed up 
virtualization (running multiple guest operating systems in a hypervisor), and so on. 


In most cases, these features will be detected and enabled by default. You may want to 
disable them to perform troubleshooting, however. 


CPU feature menu. 


RAM 


The system software detects installed memory modules via a Serial Presence Detect 
(SPD) chip in the modules. The system software will allow you to enable or disable a 
boot-time memory check. There may also be options for configuring multi-channel 
memory modes. There may also be the option to overclock system memory modules. 


System memory properties and settings. 


POWER MANAGEMENT 


Power management enables features such as soft power on/off (enabling the 
Windows Shut Down routine to power off the computer), power saving modes, 
hibernation, and so on. This option should normally be enabled. 


Power management profile configuration. 


DATE, TIME, AND DAYLIGHT SAVINGS 


Sometimes known as the real time, this is simply the calendar date and time. The PC's 
Real Time Clock (RTC) can be automatically adjusted back or forward one hour as 
appropriate, within the time zone under Windows. If the real time clock starts to lose 
the correct date or time, the RTC battery could be failing. 


BOOT OPTIONS 


One of the most important parameters in system setup is the boot sequence or boot 
device priority. This defines the sequence in which the system firmware searches 
devices for a boot manager. You will usually be able to set 3 or 4 options in priority 
order. 


Boot parameters. 


Typical choices include: 

* Hard drive. A SATA boot disk should generally be connected to the lowest 
numbered port but it is usually possible to select the hard drive sequence if 
multiple fixed drives are installed. 

* Solid State Drive (SSD). An SSD attached using SATA will be listed with other SATA/ 
AHCI devices. An SSD installed as a PCIe Add-in Card (AIC) or on the M.2 interface 
can be used as a boot device if the firmware supports NVMe. 

* Optical drive (CD/DVD/Blu-ray). If you are performing a repair install, you might 
need to make this device highest priority. 

* USB. Most modern systems can boot from USB drives. 

* Network/PXE. Uses the network adapter to obtain boot settings from a specially 
configured server. 


Boot order configuration. 


INTERFACE CONFIGURATION SETTINGS 


There will be options for enabling/disabling and configuring any controllers and 
adapters provided on the motherboard. This will include storage adapters and possibly 
features such as USB, network adapter, graphics adapter, and sound adapter. 


Onboard device configuration. 


SECURITY SETTINGS 


Several categories of security settings can be configured in system firmware setup 
programs. 


AUTHENTICATION 


Different system software will provide different support for authentication methods. 
There are usually at least two passwords, though some systems may allow for more: 


* Supervisor/Administrator/Setup—protect access to the system setup program. 

* User/System—lock access to the whole computer. This is a very secure way of 
protecting an entire PC as nothing can be done until the POST has taken place. The 
only real way of getting around this would be to open the PC and reset the system 
setup configuration, which isn't very easy to do. 


Configuring system security. 




Note: For user/system authentication, you have to tell everyone who uses the PC the 
password, which weakens the security considerably. This option would be used only on 
workstations and servers that aren't used for interactive logon (a computer running 
monitoring or management software, for instance). 


DRIVE LOCKS 


There are generally three options for securing access to the disk specifically (rather 
than the PC generally): 


* Configure and store the password in the PC firmware; this means that the disk is 
unusable except with the designated computer. 

* Store the password in the disk firmware; this is configured in conjunction with a 
compatible PC firmware and means that the disk is transferable between 
computers with a compatible firmware. 

* Use Full Disk Encryption (FDE) to encode the contents of the drive as well as 
password-protecting it. The selected password is used as the basis of the encryption 
key. Again, this requires a hard drive and firmware compatible with the same FDE 
product. 


Note: In most cases, there is some sort of recovery mechanism. This might involve the 
supervisor password or a password recovery disk. 


DRIVE ENCRYPTION 


Drive encryption means that the entire contents of the drive (or volume), including 
system files and folders, are encrypted. OS security measures are quite simple to 
circumvent if you can get hold of the drive itself. Drive encryption allays this security 
concern by making the contents of the drive accessible only in combination with the 
correct encryption key. 


Windows supports drive encryption in the BitLocker product, bundled with the 
Professional/Enterprise/Ultimate editions. 


Note: Third-party disk encryption products are available for other versions and editions 
of Windows. 


TPM 


BitLocker® requires the secure storage of the key used to encrypt the drive contents. 
Normally, this is stored in a Trusted Platform Module (TPM) chip on the computer 
motherboard. TPM is a specification for hardware-based storage of digital certificates, 
keys, hashed passwords, and other user and platform identification information. 
Essentially, it functions as an embedded smart card. Each TPM microprocessor is hard- 
coded with a unique, unchangeable key (the endorsement key). During the boot 
process, the TPM compares hashes of key system state data (system firmware, boot 
loader, and OS kernel) to ensure they have not been tampered with. The TPM chip has 
a secure storage area that a disk encryption program such as Windows BitLocker can 
write its keys to. 


It is also possible to use a removable USB drive (if USB is a boot device option). As part 
of the setup process, you also create a recovery password or key. This can be used if 
the disk is moved to another computer or the TPM is damaged. 


Note: You may need to enable the TPM chip via the system setup before it can be used. 
Many vendors ship the computer with TPM disabled. 


Configuring a TPM. 
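

The boot-time hash comparison described in the TPM section above can be modeled in software. This is an added example, not part of the original course text: `ModelTPM`, the component byte strings, and the single measurement register are assumptions made for illustration, and a real TPM keeps several such registers in hardware.

```python
import hashlib
import hmac

# Constructed sample boot components (stand-ins for real images).
FIRMWARE = b"vendor firmware image v1"
BOOTLOADER = b"os boot loader image v1"
KERNEL = b"os kernel image v1"
GOOD_CHAIN = [FIRMWARE, BOOTLOADER, KERNEL]


def sha256(data):
    return hashlib.sha256(data).digest()


class ModelTPM:
    """Toy model (hypothetical class): one measurement register plus one sealed secret."""

    def __init__(self):
        self.pcr = bytes(32)
        self._sealed = None  # (register value required, secret)

    def power_on(self):
        # Only a platform reset returns the register to zeros.
        self.pcr = bytes(32)

    def extend(self, component):
        # Extend is the only way to change the register:
        # new = SHA-256(old || SHA-256(component)).
        # The result depends on every component measured so far and on their order.
        self.pcr = sha256(self.pcr + sha256(component))

    def seal(self, secret):
        # Bind the secret to the register value of the current, trusted boot.
        self._sealed = (self.pcr, secret)

    def unseal(self):
        # Release the secret only if this boot reproduced the sealed-to value.
        if self._sealed is None:
            return None
        required, secret = self._sealed
        return secret if hmac.compare_digest(required, self.pcr) else None


def measured_boot(tpm, chain):
    """Reset the register, measure each stage in order, return the final value."""
    tpm.power_on()
    for component in chain:
        tpm.extend(component)
    return tpm.pcr


def unlock_volume(tpm, chain):
    """Boot the given chain and ask the TPM for the disk key (None if refused)."""
    measured_boot(tpm, chain)
    return tpm.unseal()


def demo():
    tpm = ModelTPM()
    volume_key = bytes(range(32))  # constructed key material
    measured_boot(tpm, GOOD_CHAIN)
    tpm.seal(volume_key)  # done once, on a boot that is known to be clean

    tampered = [FIRMWARE, BOOTLOADER + b" + injected code", KERNEL]
    reordered = [FIRMWARE, KERNEL, BOOTLOADER]
    updated = [b"vendor firmware image v2", BOOTLOADER, KERNEL]
    return {
        "clean boot": unlock_volume(tpm, GOOD_CHAIN),
        "modified boot loader": unlock_volume(tpm, tampered),
        "stages in a different order": unlock_volume(tpm, reordered),
        "legitimate firmware update": unlock_volume(tpm, updated),
        "clean boot again": unlock_volume(tpm, GOOD_CHAIN),
    }


if __name__ == "__main__":
    for case, key in demo().items():
        print(f"{case:30} {'key released' if key else 'key withheld'}")
```

In this model the firmware-update case withholds the key even though nothing malicious happened, which is one situation where the recovery password or key created at setup is needed.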


LoJack 

Some laptop firmware is bundled with LoJack tracking software (developed by 
Absolute Software), essentially a security rootkit designed to prevent theft. If enabled 
(and the user has subscribed to LoJack®), a "dialer" is activated that attempts to contact 
Absolute Software's authorization servers each day. If the laptop is reported stolen, the 
authorization servers can force the laptop into a locked down mode (require a boot 
password or remotely wipe data, for instance). The software can also attempt to locate 
the laptop, either using GPS data if the laptop has a GPS chip or using information 
about nearby wireless networks. It can also try to identify the thief by installing forensic 
tools (a key logger and screen capture utility). 


INTRUSION DETECTION 

A computer chassis can be installed with sensors to report intrusion detection (if the 
chassis or lockable faceplate is opened) to management software or display an alert at 
boot time. Some setup programs can lock the workstation automatically if an intrusion 
is detected, requiring a supervisor to log on with the relevant password to unlock it 
again. 


SECURE BOOT 


Secure boot is a security system offered by UEFI. It is designed to prevent a computer 
from being hijacked by malware. Under secure boot, UEFI is configured with digital 
certificates from valid OS vendors. The system firmware checks the operating system 
boot loader using the stored certificate to ensure that it has been digitally signed by 
the OS vendor. This prevents a boot loader that has been modified by malware (or an 
OS installed without authorization) from being used. 


Note: Certificates from vendors such as Microsoft (Windows 8/10 and Windows Server 
2012 and later) and Linux distributions (Fedora, openSUSE, and Ubuntu) will be pre- 
loaded. Additional certificates for other boot loaders can be installed (or the pre-loaded 
ones removed) via the system setup software. It is also possible to disable secure boot. 
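

The signature check and certificate management described above, as an added example that is not part of the original course text. `FirmwareModel` and the vendor names are hypothetical, and the signatures use textbook RSA over fixed, publicly known primes as a stand-in for the certificate-based signatures real firmware verifies, so these keys are for demonstration only.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys


def toy_keypair(p_exp, q_exp):
    """Textbook-RSA key built from two Mersenne primes (2**k - 1).
    The primes are public knowledge, so these keys are for demonstration only."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # private exponent
    return n, d


def image_digest(image):
    return int.from_bytes(hashlib.sha256(image).digest(), "big")


def sign(image, n, d):
    """Vendor side: sign the SHA-256 digest of a boot loader image."""
    return pow(image_digest(image), d, n)


def signature_valid(image, signature, n):
    """Firmware side: only the public value n (with E) is needed to verify."""
    return pow(signature, E, n) == image_digest(image)


class FirmwareModel:
    """Hypothetical model of the firmware's Secure Boot decision."""

    def __init__(self):
        self.secure_boot = True
        self.trusted = {}  # vendor name -> public key, standing in for a certificate

    def enroll(self, vendor, public_n):
        self.trusted[vendor] = public_n

    def remove(self, vendor):
        self.trusted.pop(vendor, None)

    def may_boot(self, image, signature):
        """Return (allowed, reason) for one boot loader image."""
        if not self.secure_boot:
            return True, "secure boot disabled, loader not checked"
        if signature is None:
            return False, "unsigned loader"
        for vendor, public_n in self.trusted.items():
            if signature_valid(image, signature, public_n):
                return True, "signed by " + vendor
        return False, "signature does not match any trusted certificate"


def demo():
    os_n, os_d = toy_keypair(521, 607)          # key of a pre-loaded OS vendor
    other_n, other_d = toy_keypair(1279, 2203)  # key of a vendor not yet trusted

    loader = b"constructed boot loader image"
    modified = loader + b" with injected code"
    loader_sig = sign(loader, os_n, os_d)
    other_loader = b"constructed second boot loader"
    other_sig = sign(other_loader, other_n, other_d)

    fw = FirmwareModel()
    fw.enroll("OS vendor", os_n)
    results = {
        "vendor-signed loader": fw.may_boot(loader, loader_sig),
        "modified loader, old signature": fw.may_boot(modified, loader_sig),
        "unsigned loader": fw.may_boot(other_loader, None),
        "loader from untrusted vendor": fw.may_boot(other_loader, other_sig),
    }
    fw.enroll("Other vendor", other_n)
    results["after enrolling that vendor"] = fw.may_boot(other_loader, other_sig)
    fw.remove("OS vendor")
    results["after removing the OS vendor"] = fw.may_boot(loader, loader_sig)
    fw.secure_boot = False
    results["modified loader, secure boot off"] = fw.may_boot(modified, loader_sig)
    return results


if __name__ == "__main__":
    for case, (allowed, reason) in demo().items():
        print(f"{case:34} {'BOOT' if allowed else 'REFUSE':7} {reason}")
```

The last case shows why the setup program itself needs a supervisor password: with Secure Boot switched off, the firmware no longer checks the loader at all.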


FIRMWARE UPDATES 


System vendors and motherboard manufacturers may regularly update their system 
firmware in order to fix bugs, solve incompatibilities with operating systems, or to add 
new features. You should visit the relevant support website regularly to check whether 
upgrades are available. As upgrading the firmware is relatively risky (a failed 
motherboard update can leave the computer unbootable, for instance), it is only worth 
doing if the update fixes a specific problem that you are encountering or if it is 
regarded as a critical update. 


Note: Performing a firmware update is often referred to as "flashing." 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Configure and Update System Firmware. 


Activity 4-3 


Discussing BIOS/UEFI Configuration and 
Updates 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What advantages does UEFI have over BIOS? 


2. Name three keys commonly used to run a PC's BIOS/UEFI system setup 
program. 


3. What widely supported boot method is missing from the following list? HDD, 
FDD, Optical, USB. 


4. Where should you launch a typical firmware upgrade utility—from system 
setup or from Windows? 


5. If you want to enforce TPM system security, what other BIOS feature should 
you enable? 


6. True or false? Processor extensions such as VT are set by the vendor 
depending on the CPU model and cannot be enabled or disabled by the user. 


7. A user's computer was recently installed with a new optical drive. The user 
now reports a "chassis" error message after the POST sequence. What might 
be the cause? 


8. When you are configuring BIOS security, what is the difference between a 
supervisor password and a user password? 


9. What security system allows system boot to be disabled if the computer is 
reported stolen? 


Topic C 


Install Power Supplies 


EXAM OBJECTIVES COVERED 
1001-3.7 Summarize power supply types and features. 


In this topic, you will take a closer look at the computer's power supply and its 
connections to the other system components. The computer's power supply is the 
main source of power for all components installed within the system unit. 
Understanding the power requirements of all the components and the maximum 
power supplied is crucial in managing the overall computer system power needs. 
Whether you are upgrading or replacing faulty components, you need to effectively 
manage the capacity of the current power supply. 


ELECTRICAL CIRCUITS 


Electricity is the flow of electrons through a conductor. The characteristics of the 
electricity supply are measured as voltage, current (amperage), resistance, and power. 


* Voltage—the potential difference between two points (often likened to pressure in 
a water pipe) measured in Volts (V). 

* Current—the actual flow of electrons, measured in Amps (I). A current flows in a 
circuit, which is made when conductors form a continuous path between the 
positive and negative terminals of a power source. The size of the current is 
determined by the conductivity of the circuit (for example, a higher current can flow 
in a thicker wire than can in a thinner one). 

* Resistance—a degree of opposition to the current caused by characteristics of the 
conductor, measured in Ohms (Ω or R). 

* Power—the rate at which electricity is drawn from the supply by the device using it, 
measured in Watts. Power is equal to the Voltage multiplied by the Current (W=V*I). 

* Energy—the amount of power consumed by a device over time. This is measured in 
Watt-hours (or more typically, Kilowatt-hours [kWh]). 


In a Direct Current (DC) circuit, the charge flows in one direction from the positive to 
negative terminals of the power source at a constant voltage. DC is used for electronic 
circuits, which require stable voltages. Grid power is supplied as Alternating Current 
(AC), which means that the current flows in both directions around the circuit and the 
voltage alternates between low and high values. AC is a cheap way to distribute 
electrical power over long distances, but is incompatible with PC electronics. 
Transformers in the PC's power supply are used to convert AC to DC voltages. 


In the US, grid power is supplied at 120 VAC with a tolerance of ±5 percent, giving a 
range of 114 VAC to 126 VAC. Historically, US grid power has been supplied at 110 VAC 
and 115 VAC, and these values are still widely referred to. In continental Europe and 
Ireland, mains electricity is supplied at 220 VAC, while in the UK it is 240 VAC; however, 
there are tolerances that mean most devices designed for IT use in the European 
market can work with a supply of 220-240 VAC. 


Here are the electrical components used in a PC's electronic circuits: 


* Conductor—a material that is good at conducting electricity, such as gold, copper, 
or tin. These are used for wires and contacts. 

* Insulator—a material that does not conduct electricity, such as rubber or plastic. 
These are used as sheaths for wires to prevent short circuits or electric shocks. 


Note: Some materials are better conductors or insulators than others. Most materials 
have some degree of resistance, which creates heat as a current passes through it. 


* Semiconductor—a material that can act as both a conductor and an insulator. This 
provides switch-like functionality, where a circuit can be opened and closed, used to 
represent binary (on/off) digits. 

* Resistor—these oppose the flow of current without blocking it completely and are 
used to manage electronic circuits. 

* Diode—a valve, allowing current to flow in one direction only. These are used in a 
computer's power supply and as protection for components. 

* Fuse—this is a safety device. The flow of electricity creates heat. A fuse is designed 
so that if the current is too high, the heat will cause the fuse wire to melt and break, 
breaking the circuit and shutting off the current. 

* Transistor—in computers, these are semiconductor switches used to create logic 
devices. Typically, a type called a Field Effect Transistor (FET) is used to make 
components such as CPUs and memory. 

* Capacitor—this stores electrical energy and is often used to regulate voltages. Note 
that a capacitor can hold a charge after the power is removed. 


PSU 


The Power Supply Unit (PSU) delivers Direct Current (DC) low voltage power to the PC 
components. 


The PSU contains transformers (to step down to lower voltages), rectifiers (to convert 
AC to DC), and filters and regulators (to ensure a "clean" output or steady voltage). The 
other important component in the PSU is the fan, which dissipates the heat generated. 
Better quality models feature low noise fans. 


PSU FORM FACTORS 


The power supply's size and shape (or form factor) determines its compatibility with 
the system case, in terms of available room plus screw and fan locations. The form 
factor also determines compatibility with the motherboard, in terms of power 
connectors. 


* Most PSUs are based on the ATX form factor. An ATX PSU should be 150 mm wide 
by 86 mm high by 140 mm deep. The "server-class" EPS12V specification allows 
PSUs to be 180 mm or 230 mm deep. These will usually fit ATX cases though 
obviously they protrude farther into the case so the available space should be 
measured first. 

* For Small Form Factor (SFF) PCs such as those based on the Micro-ATX motherboard 
form factor, an ATX PSU may fit. If the case is a slimline type, a smaller form factor 
may be required. Although there is no definition of a Micro-ATX PSU, the standards 
documentation refers to the following: 


* SFX12V—100 mm wide by 50 mm high by 125 mm deep with a 40 mm fan or 
63.5 mm high with a 60 mm fan. There is an option to use a top-mounted 80 mm 
fan, making the unit 80 mm high. 

* TFX12V (Thin Form Factor)—this is narrower and longer compared to the "boxy" 
ATX and SFX formats. It measures 85 mm wide by 65 mm high by 175 mm deep. 
The part that fits the case slot is 61 mm high but there is a 4 mm bevel to 
accommodate the top-mounted fan. 

* SFF PSUs are rarely rated above 300 W. You can check formfactors.org for 
complete descriptions of the Intel specifications. 


INPUT VOLTAGE 


A PSU is plugged into an electrical outlet using a suitable power cable. The plug should 
always be fitted with a working fuse of the correct rating (typically 3 A or 5 A). The plug 
should suit the outlet type of the country you are in, though "travel plug" converters 
are commonly available. 


A critical point to recognize if you are taking a computer to a different country is to 
ensure that the PSU is set to the correct input voltage. A PSU designed only for use in 
North America, with an input voltage of 115 V, will not work in the UK, where the 
voltage is 240 V. Some PSUs are dual voltage and are auto-switching (or auto-sensing); 
some have a switch to select the correct voltage; others can only accept one type of 
input voltage (fixed). 


The input operating voltages should be clearly marked on the unit and accompanying 
documentation. 


Autoswitching PSU (left) and PSU with manual voltage selector (between the power points). 


PSU POWER RATINGS 


A PSU must be able to supply adequate power to all the PC's components. The 
maximum power output (power rating) available from a PC power supply is measured 
in watts, calculated as voltage multiplied by current (V*I). This can be referred to as the 
power rating or wattage rating. 


The PSU found in a standard desktop PC is typically rated at around 200-300 W. This is 
normally sufficient for a full range of expansion cards and peripherals. Slimline 
desktop PCs may be fitted with 100-200 W power supplies. Tower systems and servers 
often have units rated over 300 W; enough to power many more disk drives, tape units, 
and other storage devices than would be fitted in a desktop PC. Gaming PCs might 
require 500 W or better power supplies to cope with the high specification CPU and 
graphics card(s). 


Note: The power requirement of different components varies widely (for example, CPUs 
can range from 17 W to over 100 W, depending on the model). If you are building or 
upgrading a system, the simplest way to work out the power requirement is to use an 
online calculator such as the one found at outervision.com. 


OUTPUT VOLTAGES 


When specifying a PSU for a system that needs a lot of power, it is also important to 
look closely at the power distribution of each unit. Power distribution refers to how 
much power is supplied over each rail. A rail is a wire providing current at a particular 
voltage. 


Output Rail (V)    Maximum Load (A)    Maximum Output (W) 
+3.3               20                  130 
+5                 20                  130 
+12                33                  396 
-12                0.8                 9.6 
+5 (standby)       2.5                 12.5 


The output of +3.3 V and +5 V has a combined limit. No combination of values actually 
adds up to 450 W, but PSU outputs are self-certified by the manufacturers, so this 
situation is not uncommon. 


For a modern computer, the output rating of the +12 V rail (or rails) is the most 
important factor, as +12 V is the most heavily used. A PSU with two +12 V rails can be 
referred to as dual rail. Each rail has a safety feature called Overcurrent Protection 
(OCP), which cuts the circuit if the current exceeds a safe limit. Some PSU vendors 
prefer single +12 V rail designs while others use multi-rail designs, and it is one factor 
in determining overall PSU performance and safety. The internal design of the PSU has 
no effect on the way you make the connections to the motherboard. 


Also note that peak output is only achieved under optimum conditions; sustained (or 
continuous) power output represents "real world" performance. 


The power output is not the same as the power the PSU draws from grid power. If a 
PSU works at around 75% efficiency, a 300 W supply would draw 400 W from the 
outlet. The extra energy is lost mainly as heat. 


Note: As power becomes more expensive, power efficiency is an increasingly important 
criterion to use when selecting a PSU. An ENERGY STAR compliant PSU must be 80% 
efficient at 20-100% of load (many vendors only display the efficiency obtained under low 
load). 80 PLUS is a similar rating scheme. 


PSU ADAPTER TYPES 


The power adapters supply various combinations of 3.3 V, 5 V, and 12 V positive and 
negative current. Not all components use power at precisely these voltages. Voltage 
regulators on the motherboard are used to correct the voltage supplied from the PSU 
to the voltage required by the component. 

The ATX PSU standard has gone through several revisions, specifying different adapter 
types. 

* P1 adapter. In the original ATX specification, the 20-pin P1 (2x10) adapter (also 
called the main connector) supplies power to the motherboard. Black wires are 
ground, yellow wires are +12 V, red wires are +5 V, and orange wires are +3.3 V. 
Most systems are now based on the ATX12V version 2 specification. This defines a 
24-pin (2x12) P1 adapter to replace the 20-pin one. This is sometimes implemented 
as 20+4-pin P1 cable for compatibility with older ATX motherboards that have 20-pin 
adapters. 


A 24-pin main motherboard power cable and port. (Image © 123RF.com.) 

* Molex and SATA connectors. The 4-pin (1x4) Molex connectors and 15-pin (1x15) 
SATA (Serial ATA) connectors supply +12 V and +5 V power for peripheral devices 
housed within the system case. The number of connectors determines the number 
and type of devices (such as hard drives and optical drives) that can be supported. 


From left to right, SATA and Molex power adapters. (Image © 123RF.com.) 


Note: Modular PSUs have cables that are detachable from the PSU unit, allowing only 
the connectors actually required to be used. This reduces clutter within the chassis, 
improving air flow and cooling. 


If there are insufficient adapters, it is possible to obtain splitters (also called y- 
adapters) so that two devices can be connected to the same cable. You can also 
obtain conversion adapters (Molex to SATA, for instance). 

* PCIe connectors. A 6-pin (2x3) connector is used to supply an extra 75 W power 
(+12 V) to PCIe graphics cards. This was updated to an 8-pin (2x4) connector 
delivering 150 W in the ATX12V v2.2 specification. Some adapters or dual-card 
systems will require the use of multiple PCIe auxiliary power connectors. 


A PCIe 6-pin power adapter. (Image © 123RF.com.) 


* P4 and EPS 12V connectors. The ATX12V standard specifies an additional 4-pin 
(2x2) +12 V connector (often labeled P4) to support the operation of the CPU. 


You may also come across 8-pin +12 V connectors. The Entry-level Power Supply 
(EPS) specification was developed initially for server-class hardware. Many of its 
features were incorporated in ATX12V. EPS12V defines an 8-pin +12 V connector. 
This is often wired as two 2x2-pin connectors so that an EPS12V PSU can be 
connected to an ATX motherboard with a 4-pin +12 V port. 


An EPS 12V connector. (Image © 123RF.com.) 


POWER NEEDS CALCULATION 


Calculating the amount of power needed for a PC helps ensure that you have enough 
power available for all the devices on the PC. The process is fairly simple: 


1. List the devices that need to have power served by the PSU. Be sure to include the 
following: 

* Motherboard 
* CPU 
* RAM 
* Hard drives 
* CD drives 
* DVD drives 
* Floppy drives (if any) 
* Expansion cards 

2. Determine the power requirements for each device. 
3. Add up the power requirements for the existing total power load. 
4. Consider adding a buffer of 20 to 30 percent for future power needs. 
5. Examine the details on the PSU currently installed, paying particular attention to 
the maximum output. 

* If you have not exceeded the power available, you do not need to upgrade the 
PSU. 
* If you have, you will need to obtain a PSU with a higher output and install it. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Install a Power Supply Unit. 


Activity 4-4 


Discussing Power Supply Installation 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. How would you calculate the power used by a component? 


2. What causes a fuse to blow—excessive voltage or excessive current? 


3. What is the significance of a PSU's power output when you are designing a 
custom build PC? 


4. Are you able to use a standard ATX12V PSU with a Mini-ITX motherboard? 


5. You have a power supply with an 8-pin connector on it. What is this for? 


6. You are connecting a new PSU. The PSU has a square 4-pin P4 cable but there 
is no square 4-pin receptacle on the motherboard. Should you leave the 
cable disconnected? 


7. What setting should you check before installing a PSU?


8. Another technician replaced the PSU on a PC. Later the same day the PC's owner
contacts you to say that the system has been displaying numerous alerts about 
high temperature. 


What do you think might be the cause?


Activity 4-5


Calculating Power Requirements and 
Installing a PSU 


BEFORE YOU BEGIN 


You will perform this activity at your WORKBENCH PC. 


SCENARIO 


In the first part of this activity, you will calculate the power required by your workbench
PC. As a guide, you can refer to the following table that includes common component
types, example specifications, and required wattages.


Component Type          Example Specification              Example Wattage Required
CPU                     Intel Core i7-970, 3.2 GHz         130
Memory                  4 GB DDR3-1600                     8
Video card              NVIDIA GeForce 8800 GTS
Motherboard             ASUS P6X58D Premium LGA
Hard drive              1 TB SATAII 7200 RPM
Optical drive           6x Blu-ray
NIC                     10/100/1000 Mbps PCI-Express
Sound card              SoundBlaster X-Fi Titanium
USB wired keyboard      Yes/No
USB wired mouse         Yes/No
USB flash drive         Yes/No
Other external devices  External DVD+R drive


Examine your PC, and complete the Specification column of the following table. If
you have different or additional components in your PC, revise the table
accordingly.


Component Type          Specification          Wattage Required
CPU
Memory
Video card
Motherboard
Hard drive
Optical drive
NIC
Sound card
USB wired keyboard
USB wired mouse
USB flash drive
Other external devices


If you can, determine the power required by each component, and complete the 
table. Again, example values have been provided for your reference. 


Calculate the total wattage required for your PC. Compare this value with the 
maximum wattage output listed on the power supply. Does this power supply 
need to be upgraded? 


Add a buffer of 30 percent to the total wattage required for your PC. Will the 
existing power supply continue to supply enough power if additional components 
are added to the system? 


After calculating the power load for all the components and future needs, you 
have determined that it exceeds the capacity of the installed power supply. 
Remove the existing power supply. 


a) Shut down the computer. 
b) Unplug the power cord from the electrical outlet. 


c) On ATX systems, to discharge any remaining electricity stored in the computer's 
capacitors, toggle the power switch on the computer on and off. 


d) Remove any components necessary in order to access the power supply and its 
connection to the system board. 

e) Unplug all power connections from devices, marking where each connection went to 
as you go. 

f) Unplug the power supply from the motherboard.

g) Unscrew the power supply from the case.

h) Remove the power supply from the case.


Install the replacement power supply. 


Note: If you don't have another power supply, reinstall the power supply you just 
removed. 


a) Insert the power supply into the case. Align the guides on the base of the supply with 
the base. 


b) Secure the power supply to the case. 

c) Plug all power connections into the devices. 

d) Plug the power supply into the system board. 

e) Reinstall any components you removed to access the power supply. 
f) Plug the power cord from the power supply to the electrical outlet. 


Test the power supply. 
a) Turn on the system. 
b) Test all components.


Topic D


Troubleshoot Internal System Components


EXAM OBJECTIVES COVERED

1001-5.2 Given a scenario, troubleshoot problems related to motherboards, RAM, CPUs,
and power.


As a CompTIA A+ technician, it is essential for you to be comfortable working with 
system components, whether you are installing them, configuring them, or trying to 
figure out how to resolve issues with them. It is only a matter of time before a personal 
computer's internal system hardware components experience problems, and generally 
these are problems users themselves cannot fix. As a CompTIA A+ technician, many of 
the service calls that you respond to will involve troubleshooting system hardware 
components, and your ability to quickly and effectively diagnose and solve the 
problems will be essential in maintaining the satisfaction level of the users you 
support. 


BASIC HARDWARE PROBLEMS 


When you are troubleshooting suspected problems, look for simple solutions first. 


* Find out if anything has changed.

* Eliminate hardware issues as a cause first.

* Try one thing at a time.

* Take care to ensure that a user's data is backed up before proceeding.


There are several externally observable symptoms that may help you to diagnose a 
hardware problem without having to open the computer chassis. 


INDICATOR LIGHTS 
Most devices have a status Light Emitting Diode (LED) to indicate that the device is 
switched on and receiving power. 


Some devices may have additional status indicators or show other functions. For 
example, a hard drive LED shows activity; normally this should flicker periodically. If a 
hard drive LED is solid for extended periods it can indicate a problem, especially if the 
PC is not doing any obvious processing. 


Similarly, network adapters often have LEDs to indicate the connection speed and 
activity on the network. 


ALERTS 

Most PC systems now have quite good internal monitoring systems (such as the 
internal thermometers). When these systems detect problems, they can display an 
administrative alert, either on the local system or to some sort of network 
management system. The operating system may also be able to detect some kinds of 
hardware failure and display an appropriate alert.


OVERHEATING


Excessive heat damages the sensitive circuitry of a computer very easily. If a system 
feels hot to the touch you should check that the fans are operating and are not clogged 
by dirt or dust. 


Note: PCs and laptops can get very warm without there being a specific problem.


As mentioned above, many systems now come with internal temperature sensors that 
you can check via driver or management software. Use the vendor documentation to 
confirm that the system is operating within acceptable limits. 


Unusual odors, such as a burning smell, or smoke will almost always indicate 
something (probably the power supply) overheating. The system should be shut down 
immediately and the problem investigated. 


Thermal problems are also likely to cause symptoms such as spontaneous reboots, 
blue screens, lockups, and so on. These will typically be cyclic—if you turn the system 
off and allow it to cool, the problem will only reappear once it has been running long 
enough for heat to build up again. 


LOUD NOISES 


Devices may also start to fail over time. Drives of most types are most prone to failure, 
but sensitive chips such as memory and graphics adapters can also develop problems 
(often caused by some underlying thermal issue). 


Loud or unusual noises can often indicate that a device such as a fan or hard drive is 
failing. Note that these may not be caused by hardware problems alone. For example, 
a fan that sounds noisy may be spinning too fast because its driver software is not 
controlling it properly. 

You also need to be able to distinguish between "healthy" noises and "unhealthy" 
ones. For example, a hard disk may make a certain "whirring whine" when first 
spinning up and a "chattering" noise when data is being written, but clicking, squealing, 
loud noise, or continual noise can all indicate problems. 


Note: Newer and more expensive models make very little noise. There may also be a 
setting in system setup to optimize disk performance to reduce noise. 


VISIBLE DAMAGE 


If a system has had liquid spilled on it or if fans or the keyboard are clogged by dust or 
dirt, there may be visible signs of this. 


Actual physical damage to a computer system is usually caused to peripherals, ports, 
and cables. Damage to other components is only really likely if the unit has been in 
transit somewhere. Inspect a unit closely for damage to the case; even a small crack or 
dent may indicate a fall or knock that could have caused worse damage to the internal 
components than is obvious from outside. 


If a peripheral device does not work, examine the port and the end of the cable closely 
for bent, broken, or dirty pins and connectors. Examine the length of the cable for 
damage. 


POWER PROBLEMS 


PC components need a constant, stable supply of power to run. If the computer will 
not start, it is likely to be due to a power problem. If the PC suddenly turns off or 
restarts, power problems are also likely.


In the normal course of operations, the PSU converts the AC mains supply to DC
voltages. DC voltage is used to power the internal drives and motherboard 
components. The PSU continually draws standby power from the mains (unless the 
PSU has its own on/off switch and it has been switched off). When the PC is switched 
on, the PSU starts supplying 12 V power and fans and disks should spin up. The PSU 
tests its 5 V and 3.3 V supplies, and when it is sure that it is providing a stable supply, it 
sends a "Power Good" signal to the processor. 


The processor then begins to run the Power On Self-Test (POST) program. POST will 
not run without a CPU. Some motherboards may be able to sound an alert or light a 
status LED if the CPU is not present or not working. 


If none of the LEDs on the front panel of the system case are lit up and you cannot 
hear the fans or hard drives spinning, the computer is not getting power. This is likely 
to be a fault in the PSU, incoming mains electricity supply, power cables/connectors, or 
fuses. 


To isolate the cause of no power, try the following tests: 


* Check that other equipment in the area is working; there may be a blackout.

* Check that the PSU cabling is connected to the PC and the wall socket correctly and 
that all switches are in the "on" position. 

* Try another power cable—there may be a problem with the plug or fuse. Check that 
all of the wires are connected to the correct terminals in the plug. Check the fuse 
resistance with a multimeter. 


* Try plugging another piece of "known-good" equipment (such as a lamp) into the 
wall socket. If it does not work, the wall socket is faulty. Use another socket and get 
an electrician to investigate the fault. 

* Try disconnecting extra devices, such as optical drives. If this solves the problem, 
the PSU is underpowered and you need to fit one with a higher power rating. 


MULTIMETER USE 


A multimeter can be used to measure voltage, current, and resistance. Voltage 
readings can be used to determine whether, for example, a power supply unit is 
functioning correctly. Resistance readings can be used to determine whether a fuse or 
network cable is functioning correctly. 

* To test a fuse, set the multimeter to measure resistance and touch the probes to 
each end of the fuse. A good fuse should have virtually zero Ohms of resistance; a 
blown fuse will have virtually infinite resistance. 

* Power supply problems can be indicated by otherwise inexplicable system lockups 
or unprompted reboots. 


Caution: PC power supplies are NOT user-serviceable. Do NOT attempt any
maintenance beyond the simple tests described. Never remove the cover of a power
supply.

* When you measure the voltage for each pin in a connector, be aware that a degree
of tolerance is allowed:


Supply Line    Color Code  Tolerance  Minimum Voltage  Maximum Voltage
+5 V           Red         ±5%        +4.75 V          +5.25 V
+12 V          Yellow      ±5%        +11.4 V          +12.6 V
-12 V          Blue        ±10%       -10.8 V          -13.2 V
+3.3 V         Orange      ±5%        +3.135 V         +3.465 V
+5 V Standby   Purple      ±5%        +4.75 V          +5.25 V
PSU On         Green       Higher than +3 V when PC is off; less than 0.9 V when the PC is on.
Power Good     Gray        Less than 0.9 V when the PC is off; higher than 2.5 V when the PC is on.
Ground         Black       -          -                -


Testing a Molex connector with a multimeter. 
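The tolerance check from the table above, written out as an added example (it is not part of the course material): a Python helper that classifies multimeter readings by wire color, including the PSU On and Power Good signal lines whose thresholds depend on whether the PC is on. The function names and the sample readings are constructed for illustration.

```python
from typing import NamedTuple

# Supply lines from the tolerance table: wire color -> (name, nominal mV, tolerance %).
# Integer millivolts keep the limit arithmetic exact.
RAILS = {
    "red":    ("+5 V",          5000,  5),
    "yellow": ("+12 V",        12000,  5),
    "blue":   ("-12 V",       -12000, 10),
    "orange": ("+3.3 V",        3300,  5),
    "purple": ("+5 V Standby",  5000,  5),
}

# Signal lines: wire color -> (name, test when PC is off, test when PC is on).
SIGNALS = {
    "green": ("PSU On",     lambda mv: mv > 3000, lambda mv: mv < 900),
    "gray":  ("Power Good", lambda mv: mv < 900,  lambda mv: mv > 2500),
}


class Result(NamedTuple):
    line: str      # supply line name as shown in the table
    volts: float   # the reading that was checked
    ok: bool       # True when the reading is acceptable
    detail: str    # what the reading was compared against


def rail_limits_mv(nominal_mv, tolerance_pct):
    """Return (lowest, highest) acceptable reading in millivolts."""
    delta = abs(nominal_mv) * tolerance_pct // 100
    return nominal_mv - delta, nominal_mv + delta


def check_reading(color, volts, pc_on=True):
    """Classify one multimeter reading taken on the wire of the given color."""
    color = color.lower()
    mv = round(volts * 1000)
    if color in RAILS:
        name, nominal, pct = RAILS[color]
        low, high = rail_limits_mv(nominal, pct)
        detail = f"allowed {low / 1000:+.3f} V to {high / 1000:+.3f} V"
        return Result(name, volts, low <= mv <= high, detail)
    if color in SIGNALS:
        name, off_test, on_test = SIGNALS[color]
        ok = (on_test if pc_on else off_test)(mv)
        state = "on" if pc_on else "off"
        return Result(name, volts, ok, f"checked against the PC-{state} threshold")
    if color == "black":
        raise ValueError("black is ground: use it for the reference probe")
    raise ValueError(f"unknown wire color: {color}")


def assess(readings, pc_on=True):
    """Return a Result for every reading that is out of tolerance."""
    results = (check_reading(c, v, pc_on) for c, v in readings.items())
    return [r for r in results if not r.ok]


if __name__ == "__main__":
    # Constructed sample readings, not measurements from the course.
    sample = {"yellow": 11.2, "red": 5.08, "orange": 3.31, "gray": 0.4}
    for r in assess(sample, pc_on=True):
        print(f"{r.line}: {r.volts:+.2f} V out of tolerance ({r.detail})")
```

With the sample readings, the +12 V line and the Power Good signal are reported; a Power Good line that stays low while the PC is on matches the "POST not running" case, where the fans spin but the CPU never receives the signal.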


If it seems that the PSU voltages are correct and that all power connectors are properly 
in place, then there may be a fault or overload on one of the peripheral devices (for 
example, the optical drive or the hard disk). Remove one peripheral device at a time 
(turn OFF when removing and reconnecting devices) to confirm whether the fault lies 
with one of these units. If you still cannot identify the fault, then the problem is likely to 
be a faulty motherboard or adapter card. 


If you suspect that a power supply is faulty, do not leave it turned on for longer than 
absolutely necessary and do not leave it unattended. Keep an eye out for external 
signs of a problem (for example, smoke or fire). Turn off immediately if there are any 
unusual sights, smells, or noises. 


Note: It is usually easier (and safer) to test the power supply by substitution (install a 
known good PSU) than to test with a multimeter. 


POWER SUPPLY TESTER 


A Power Supply Tester is a device designed (unsurprisingly) with the sole purpose of 
testing PSUs. It is much simpler to use than a multimeter as you do not have to test 
each pin in turn.


Typical models come with ports for the 20/24-pin P1, Molex, SATA, plus 8-pin, 6-pin,
and 4-pin connectors found on different models of PSU. Usually each pin on each port 
has an LED to indicate whether the voltage supplied is good or (in more advanced 
models) a reading of the voltage supplied. 


Technician working with a power supply tester. (Image by Konstantin Malkov © 123RF.com.) 


POST AND BOOT PROBLEMS 


Once the CPU has been given the power good signal, the system firmware performs 
the Power On Self Test (POST). The POST is a built-in diagnostic program that checks 
the hardware to ensure the components required to boot the PC are present and 
functioning correctly. This is the general process for the POST: 


1. The POST starts by locating video card firmware at the address C000 in memory. If 
found, the video card is initialized from its own firmware. Information from the 
card manufacturer may also be displayed at this point. 

2. A startup screen is displayed. More tests on the system, including counting 
through system RAM, are performed. If any errors are found, a text error message 
is displayed. Explanations of these messages are usually found in the system 
guide. Once numeric codes, these messages now tend to be descriptive, such as 
"key stuck." 

3. You should be able to access the system setup routine from this point. This allows 
you to reconfigure the settings stored in system setup. The key used to invoke 
system setup varies according to the firmware, but is usually Delete, F2, Esc, F10, 
or F1. 

4. Some PCs indicate that system checks have been successfully completed at this 
point with a single short beep, but the trend for modern computers is to boot 
silently. 

5. A search is made for further interfaces that may have firmware chips on them. 
This could include storage adapters and network cards. Further information about 
these cards may be displayed at this point and their memory addresses reserved.

6. The firmware may display a summary screen about the system configuration. This
may scroll by quite quickly. Use the Pause key if you want to analyze it.

7. The operating system load sequence starts.


Note: On modern computers, the POST happens very quickly to improve boot times so
you are unlikely to see any POST messages. A modern POST is unlikely to perform
thorough checks such as a memory count.


POST NOT RUNNING 


If power is present (for example, if you can hear the fans spinning) but the computer 
does not start or the screen is blank and there are no beeps from the speaker, it is 
likely that the POST procedure is not executing. 


If the screen is blank, check that the monitor cable is connected and undamaged and 
that the monitor is powered on. If the monitor has separate inputs (for example, HDMI 
and DVI), make sure it is switched to the correct one. If possible, test with another 
monitor to confirm that there is no problem with the display. 


If you can rule out a problem with the display itself, other likely causes are faulty 
cabling or a damaged or mis-seated CPU or other motherboard component. To 
troubleshoot, try the following tests and solutions: 


* Ask what has changed—if the system firmware has been flashed and the PC has not 
booted since, the system firmware update may have failed. Use the reset 
procedure. 

* Check cabling and connections, especially if maintenance work has just been 
performed on the PC. An incorrectly oriented storage adapter cable or a badly 
seated adapter card can stop the POST from running. Correct any errors, reset 
adapter cards, and then reboot the PC. 

* Check for faulty interfaces and devices—it is possible that a faulty adapter card or 
device is halting the POST. Try removing one device at a time to see if this solves the 
problem (or remove all non-essential devices then add them back one-by-one). 

* Check the PSU—even though the fans are receiving power, there may be a fault that 
is preventing the Power Good signal from being sent to the CPU, preventing POST. 

* Check for a faulty CPU or system firmware. If possible, replace the CPU chip with a 
known good one or update the system firmware. 

* Some motherboards have jumpers to configure modes (such as firmware recovery) 
or processor settings. If the jumpers are set incorrectly it could cause the computer 
not to boot. If a computer will not work after being serviced, check that the jumpers 
have not been changed. 


Note: Remember to ask "What has changed" when troubleshooting. For example, it is
best practice to check that a system works properly after performing any sort of servicing
work (such as updating the firmware) but not all technicians are so diligent. If a user
complains that their previously working PC will not boot, find out what happened to it in
the intervening period.


POST BEEP CODES 


If POST detects a problem, it generates an error message. As the error may prevent the 
computer from displaying anything on the screen, the error is often indicated by a 
series of beeps. 


For a beep code, you must decode the pattern of beeps and take the appropriate 
action. Use resources such as the manufacturer's website to determine the meaning of 
the beep code. Examples of manufacturer websites include ami.com, phoenix.com 
(Award), compaq.com, and dell.com. Websites such as bioscentral.com provide a 
good summary and can be located easily through Internet search engines. 


The codes for the original IBM PC are listed in this table.


Code                          Meaning
1 short beep                  Normal POST—system is OK.
2 short beeps                 POST error—error code shown on screen.
No beep                       Power supply or motherboard problem (use a multimeter to check the onboard speaker is functioning).
Continuous beep               Power supply, motherboard, or system memory problem.
Repeating short beeps         Power supply, motherboard, or keyboard problem.
1 long, 1 short beep          Motherboard problem.
1 long, 2 or 3 short beeps    Display adapter error.
3 long beeps                  3270 keyboard card.


Error messages on the screen are usually descriptive of the problem. In each case, take 
the appropriate action. 


Note: If the screen is blank on bootup but you hear a single beep, check the monitor is
turned on and connected properly. Try testing the monitor with a different computer. If
the monitor is OK, try replacing the graphics adapter.


BIOS TIME AND SETTINGS RESET 


While modern computers do not rely on the CMOS battery to store system settings, if 
the computer is losing the correct time, it can be a sign that the Real Time Clock battery 
is failing. On older computers, the failure of the battery may lead to system setup 
settings being lost or corrupted. You may see a "CMOS Checksum" error or similar. To 
replace the CMOS battery: 


1. Obtain a coin cell battery that is compatible with your motherboard. 
2. Unclip the existing battery and take it out. 

3. Plug in the new battery. 

4. Switch the computer back on. 


OPERATING SYSTEM SEARCH/BOOTS TO INCORRECT DEVICE 


Once the POST tests are complete, the firmware searches the devices as specified in 
the boot sequence. If the first drive in the sequence is not found, it then moves on to 
the next. For example, if there is no fixed disk, the boot sequence checks for a USB-attached
drive. If no disk-based boot device is found, the system might attempt to boot
from the network. If no boot device is found, the system displays an error message 
and halts the boot process. 


If the system attempts to boot to an incorrect device, check that the removable drives 
do not contain media that are interfering with the boot process and that the boot 
device order is correctly configured. 


OS BOOT TROUBLESHOOTING AND LOG ENTRIES 


If a boot device is located, the code from the boot sector on the selected device is 
loaded into memory and takes over from the system firmware. The boot sector code 
loads the rest of the operating system files into system memory. Error messages 
received after this point can usually be attributed to software (or driver) problems 
rather than issues with hardware devices.


Viewing startup messages on a Linux server. 


Note: In Windows 7, you can use the Startup Configuration utility (msconfig) to 
show boot messages (select OS boot information on the Boot tab). In Windows 10, this 
setting does not work and you need to enable verbose boot messages via the registry. 


If no error message is displayed at startup, issues with the operating system can often 
be diagnosed by checking for log entries. 


* In Windows, boot messages are written to the C:\Windows\ntbtlog.txt file. You 
should also use Event Viewer to analyze the System and Application logs for any 
errors. 


* In Linux, you can review the boot messages using the dmesg | less command. 


MOTHERBOARD COMPONENT PROBLEMS 


Few problems are actually caused by the motherboard itself, but there are a few things 
to be aware of. 


* The motherboard does contain soldered chips and components, which could be
damaged by Electrostatic Discharge (ESD), electrical spikes, or overheating.

* The pins on integrated connectors can also be damaged by careless insertion of
plugs.

* In some cases, errors may be caused by dirt (clean the contacts on connectors) or
chip creep, where an adapter works loose from its socket over time, perhaps
because of temperature changes.


Note: Remember to ask "What has changed?" Check job logs to find out whether any 
maintenance or upgrades were carried out recently.


Unstable operation. Symptoms of intermittent device failure such as the system
locking up, unexpected shutdown, displaying a Blue Screen of Death (BSoD) crash 
screen, or continuous rebooting are difficult to diagnose with a specific cause, 
especially if you are not able to witness the events directly. The most likely causes 
are software, disk problems, or malware. 


Note: A blue screen is a system crash screen proprietary to Windows. A macOS
system that suffers catastrophic process failure shows a spinning pinwheel (of death),
also called a spinning wait cursor.


If you can discount these, try to establish whether the problem is truly intermittent 
or whether there is a pattern to the errors. If they occur when the PC has been 
running for some time, it could be a thermal problem. 


Next, check that the power supply is providing good, stable voltages to the system. 
If you can discount the power supply, you must start to suspect a problem with 
memory, CPU, or motherboard. 

Visual inspection. Inspect the motherboard for any sign of damage. If a 
component has "blown" it can leave scorch marks. You could also look for 
distended capacitors. The capacitors are barrel-like components that regulate the 
flow of electricity to the system chips. If they are swollen or bulging or emitting any 
kind of residue they could have been damaged or could have failed due to a 
manufacturing defect. 


If there is physical damage to the motherboard you will almost certainly need 
diagnostic software to run tests to confirm whether there is a problem. Testing by 
substituting "known good" components would be too time consuming and 
expensive. The most likely causes of physical damage are heat, ESD, or a power 
surge or spike. It is worth investigating any environmental problems or 
maintenance procedures that could be the "root cause" of the error. 



Motherboard CPU socket and heatsinks surrounded by healthy capacitors. (Image © 123RF.com.) 


Overheating. Insufficient cooling is the main cause of processor, memory, and
motherboard problems. Thermal faults are normally cyclic: a system works for
some time, crashes, and then works again later because powering down allows the
processor to cool. To check for overheating issues:


* Ensure that the CPU fan is working. Proper cooling is vital to the lifespan and
performance of the processor. If the processor is running too hot, it can
decrease performance. A processor that is overheating can cause crashes or
reboot the machine.

  Is the fan's power cable properly connected? Is the fan jammed, clogged, or too
small? If a processor upgrade is installed, the fan from the original CPU may not
be suitable for the new device.


Note: Pro-actively optimize the existing cooling system by clearing dust from
chips, heat sinks, and fans. Also verify that there is sufficient space around the
PC's vents to allow for adequate air flow. If the PC is positioned too closely to a
wall, it might prevent effective cooling.


* Make sure the heatsink is properly fitted. It should be snug against the
processor. Heatsinks are usually "stuck" to the processor using a special heat
conductive paste. Some manufacturers use lower quality paste. In these cases, it
is possible to clean away the old paste and replace it with better paste, which will
help the processor to run at a lower temperature.

* Always use blanking plates to cover up holes in the back or front of the PC. Holes
can disrupt the airflow and decrease the effectiveness of the cooling systems.

* Speed—is the processor running at the correct speed? Running a processor at a
higher clock speed can cause overheating. Double-check the voltage and timing
settings in CMOS Setup.

* Environment—is the room unusually warm or dusty or is the PC positioned near
a radiator or in direct sunlight?


Thermal problems may also affect system operation by causing loose connectors to 
drift apart, components to move in their sockets, or circuit board defects such as 
hairline cracks to widen and break connections. Some of these faults can be 
detected by visual inspection. 


Note: CPUs and other system components heat up while running. Take care not to
burn yourself when handling internal components.


Activity 4-6


Discussing System Component 
Troubleshooting 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What cause might you suspect if a PC experiences intermittent lockups? 


2. How might you diagnose a thermal problem? 


3. What measurement would you expect from a multimeter if a fuse is good? 


4. What might stop a POST from executing?


Activity 4-7


Diagnosing Power Problems 


BEFORE YOU BEGIN 


Your instructor will provide you with a multimeter or power supply tester to use to test 
the output voltages from the PSU. This involves working with a live system. Follow the 
instructions carefully and do not touch parts of the computer when it is switched on. 


You will perform this activity at your WORKBENCH PC. 


SCENARIO 


You have been assigned several power problems to solve. 


1. Problem #1 When the user turns on the PC, it does not always come on and 
sometimes it just shuts itself down abruptly, with no warning. When she turns on 
the system again, there is no fan noise. She is using a legacy database application 
and the data is being corrupted during the improper shutdowns. 


What would you do to resolve this problem? 


2. Problem #2 A user is reporting an odor coming out of his computer. You have 
serviced this machine recently and replaced the computer's power supply unit. 


What would you do to resolve this problem? 


3. Problem #3 One of the other hardware technicians has been trying to 
troubleshoot a power problem. The system will not come on when the user turns 
on the power switch. He determined that the user has an ATX motherboard and 
power supply. You have been assigned to take over this trouble ticket. 


a) You will be using a multimeter to measure 5 and 12 Volts DC. Set your multimeter 
accordingly and attach its probes if required. 


b) Remove the PC from the electrical supply, then remove the case cover.

c) Find a spare Molex connector, or remove a Molex connector from an optical drive or
hard disk drive.


d) Insert the black (REF) probe into a black cable connector and the other probe into the 
yellow cable connector in the Molex. 


e) Turn on your multimeter. 
f) Reconnect the power cord to your PC and to building power, and turn it on. 
g) Take a reading and record the results here. 


h) Turn off your PC and repeat the above process for the red cable and write the result 
here: 


i) Are these recordings acceptable? 


4. Problem #4 The user turns on the power switch, but the PC does not come on. He 
does not hear the fan, there is no power light on, and he hears no beeps or other 
sounds coming from the system. His system is plugged into a surge protector. 


What would you do to resolve this problem? 


5. You also need to perform some routine testing of safety equipment. Using your 
multimeter, measure the resistance of your ESD kit's wrist strap cable, connecting 
the crocodile clip to the black probe and touching the red probe to the metal plate 
that makes contact with your skin. 


Why is it so high? 


6. Using your multimeter, measure the resistance of a fuse—your instructor will 
provide you with these. 


What does it mean if the reading is zero or over range? 

Activity 4-8 


Diagnosing System Errors 


BEFORE YOU BEGIN 
You will perform this activity at your WORKBENCH PC. 


SCENARIO 


You are attempting to resolve problems for a user who has been reporting intermittent 
but severe system errors, such as frequent unexpected shutdowns. The problems have 
been getting more frequent, and you have been unable to pinpoint a cause within the 
system software, power supply, memory, or any adapter cards. You are starting to 
suspect that there is a bad CPU, and you need to proceed accordingly to get the user 
back to work with as little downtime and cost as possible. 


1. What initial steps should you take to identify and resolve a potential CPU 
problem? 
O Replace the CPU with a known-good processor. 
O Verify that the CPU fan and other cooling systems are installed and functional. 
O Replace the motherboard. 
O If the CPU is overclocked, throttle it down to the manufacturer-rated clock speed. 


2. All other diagnostic and corrective steps have failed. You need to verify that 
it is the CPU itself that is defective. What should you do? 


O Replace the CPU with a known-good chip. 
O Remove all the adapter cards. 

O Reinstall the operating system. 

O Replace the motherboard. 


3. A colleague suggests that you might want to view the symptoms of some different 
system errors. For each of the following components: 
1. Prepare to work inside the computer case. 
2. Remove or alter the component as described in the following steps. 
3. Restore power to the PC. 
4. Examine and record what happens. You can use Notepad or a separate sheet of 
paper if you like. 
5. Shut down and cut power to the PC. 
6. Reinstall or otherwise restore the component. 


4. Remove the system RAM from the motherboard. What happens? 

5. Disconnect the hard disk drive from the motherboard. What happens? 


6. Rearrange the memory cards by putting them in different slots or removing one 
of them. What happens? 


7. Your instructor will now create a problem on your PC. Use your troubleshooting 
skills to try and solve it. Record what you found during the troubleshooting 
process. 

Topic E 


Configure a Custom PC 


EXAM OBJECTIVES COVERED 
1001-3.8 Given a scenario, select and configure appropriate components for a custom PC 
configuration to meet customer specifications or needs. 
1001-3.9 Given a scenario, install and configure common devices. 


As a CompTIA A+ technician, you must be knowledgeable in many different areas of 
information technology. This may include supporting a wide variety of client 
configurations, such as gaming or audio and video workstations. You must be 
prepared to fully support any type of environment, including more specialized 
hardware and software configurations based on job roles and tasks. 


CLIENT PERSONAL COMPUTERS 


When installing and configuring user workstations, it is important to identify the 
specific needs of the user who will be using the workstation to perform job tasks. 
Standard clients are a good starting point for any installation and must be examined to 
verify that they fit the requirements of the job function. 


Standard business client computers are end-user computers that are administered 
and managed centrally by a server. 


You might be called on to set up or service any of the following client types: 


* Standard (thick) clients. A standard client (sometimes referred to as thick client 
to distinguish it from a thin client) is an ordinary office PC. It will be used to run 
locally installed desktop applications, such as office productivity (word processor, 
spreadsheet, and presentation) plus Line of Business software, email/calendaring/ 
contact management, and a web browser. 


When you are configuring a standard client, it is important to pay attention to the 
recommended Windows or Linux system requirements and to the software 
application requirements. Using the minimum OS requirements is likely to lead to 
poor performance. 


A standard client might be configured with multiple user accounts. These user 
accounts might be defined locally on each computer (a workgroup) or on a network 
directory server (a domain). Windows 10 also supports the use of Microsoft 
accounts, which use cloud services to synchronize settings and data across each of 
the Windows-based devices that a user signs in to. Each standard user account is 
allocated its own private data storage folders. Each account can be configured with 
different desktop settings and (if applicable) network permissions and privileges. 


If data is stored locally, then access to storage locations is required with a consistent 
pathway to data. Similarly, if data is stored on a network, then a consistent path 
should be established to the storage location with proper security implementations. 

* Thin clients. A thin client is a PC or appliance designed to act as an interface to 
applications that run on a network server. The client may be interfacing with 
particular software applications or with an entire Windows Desktop. This is referred 
to as Virtual Desktop Infrastructure (VDI). In this scenario, the only really 
important performance criterion for the thin client is the network link. The client PC 
does no application processing. It just transfers mouse and keyboard input to the 
server and processes video and audio output coming back. The applications do not 
get installed on the computer and do not use up any hard drive space. RAM is used 
to run the application from the server. 


Note: Virtualization is covered in greater detail later in the course. 


The client may be interfacing with particular software applications or with an entire 
Windows or Linux desktop. The client will have to meet the minimum requirements 
for installing the selected OS, but that is all. The computer might require specialized 
software in order to access the applications hosted by the server. The computer 
may also require a specific browser or browser version in order to run any web- 
based applications. 


Note: Microsoft has a Thin Client version of Windows 7 but its minimum spec is 
actually the same as any other Windows 7 edition. It's worth noting that Microsoft 
stopped distinguishing between "minimum" and "recommended" system 
requirements. 


When the thin client starts, it boots a minimal OS, allowing the user to log on to a 
Virtual Machine (VM) stored on the company server infrastructure. The user 
makes a connection to the VM using some sort of remote desktop protocol 
(Microsoft Remote Desktop or Citrix ICA, for instance). The thin client has to find the 
correct image and use an appropriate authentication mechanism. There may be a 
1:1 mapping based on machine name or IP address or the process of finding an 
image may be handled by a connection broker. Consequently, to configure a thin 
client you need only install the thin client OS and configure the connection 
manager/broker. User accounts are created on the server rather than directly on 
the thin client itself. 


BUSINESS WORKSTATIONS 


The term workstation is sometimes used to describe a computer that runs more 
demanding applications than standard office suites. These systems typically have 
faster processors, more memory, and faster and larger drives than standard desktop 
systems. 


Most computers deployed for business use will fit one of the following profiles. 


* Programming, development, and virtualization workstations. A workstation 
used to develop software or games will run one or more Integrated Development 
Environments (IDEs). It may also run a local database server application for testing. 
Consequently, these workstations require fast CPUs and mass storage access, plus 
plenty of system memory. 


Development work is also likely to require virtualization, so that the developer has 
access to multiple operating system environments for testing. Virtualization 
requires a lot of system memory. Each guest OS would typically need at least 1-2 
GB even for average performance. It also benefits from multiple CPU cores and 
multi-channel memory as well as a large, fast disk subsystem. 

* Graphics and CAD/CAM design workstations. Media design workstations are 
configured to support the needs of graphic designers, engineers, architects, 3D 
media developers, and other design-driven job roles. A workstation used for 
different types of design will have to support applications with high CPU, GPU, and 
memory requirements. Such workstations also need a fast storage subsystem and 
are typically provisioned with Solid State Drives (SSDs), rather than older hard disks. 


Typical design applications include: 
* Image editing and illustration tools. 
* Desktop Publishing (DTP) and web design. 
* Computer Aided Design (CAD). 
* Computer Aided Manufacturing (CAM). 


Note: CAM workstations can control machine tools found in manufacturing 
environments. Specialized controller cards may be required as well as specialized 
connections and software. CAM machines may be installed in harsh environments 
(such as manufacturing buildings and automotive factories), so the workstations 
may need to be hardened machines that will not be adversely affected by their 
working environments. 


Design work will also often require specialist peripherals, such as a digitizer and 
styluses. Vendors often produce graphics adapters specially designed for use with 
CAD software. 

* Audio/Video editing workstations. A workstation used to edit Audio/Video (A/V) 
files, create animations, or produce music will have high performance 
requirements. These computers must be able to support the demanding editing 
programs that audio/video technicians use in post-production editing functions. 
Most professional videos taken today include special effects and CGI (computer 
generated imagery) that is all applied after the digital video is taken. 


Again, it is important not to overlook the disk subsystem, which can become a 
performance bottleneck as media files will often have to be streamed from the disk. 
Workstations will generally need 10 K or 15 K disks to perform well. Multimedia files 
are also extremely large, so the disk subsystem will have to be very high capacity. 
This means that the best performing Solid State Drive (SSD) storage may not be 
affordable at the capacities required. 


These workstations require specialized adapters to capture audio and video from a 
variety of sources. 


* An input/output (I/O) card allows audio/video input to be sampled and saved as 
a digital file. As with a consumer-level video capture card, an I/O card can use an 
HDMI or Thunderbolt connection to a recording device, but Serial Data Interface 
(SDI) over 75 ohm coax cabling is a more likely option for broadcast-quality 
equipment. 

* For music recording and production, professional-level sound cards, referred to 
as audio interfaces, feature numerous inputs, including ¼" phone plugs to 
connect microphone and amplifier equipment, S/PDIF ports, and 5-pin DIN ports 
for MIDI equipment. Audio interfaces are usually provisioned as external units, 
connected to the PC over USB or Thunderbolt, to avoid the problem of electrical 
interference from PC components when making recordings. 


OTHER REQUIREMENTS 

You will also find other equipment might be required, such as: 

* Dual monitors. With all types of workstation, screen "real estate" is often at a 
premium. This means that they are often provisioned with two or more monitors. 

* RAID. As they are used to process critical data, where losing even an hour's work 
might represent a huge loss to the business, most workstations will be configured 
with a RAID disk system, to provide insurance against disk failure. 


COMPUTERS FOR HOME USE 


When not used solely for school homework, web browsing, and email, home 
computers are often specified as media centers or gaming rigs. When used for media 
streaming or gaming, these systems often require fast video, storage, and network 
connections. A home network might also have network attached storage or servers 
from which files can be shared. 


Most media center or gaming computers deployed for home use will fit one of the 
following profiles. 


* Home theater PCs, home server PCs, and NAS. 


A home theater PC (HTPC) can be used in place of consumer appliances such as 
personal video recorders (PVR) to watch and record TV broadcasts and play 
movies and music, either from local files or from streaming Internet services. The 
PC will need to be equipped with an appropriate TV tuner card to process the 
incoming TV signal (broadcast, cable, or satellite) and usually comes with a 
remote control (and peripherals such as the mouse and keyboard would 
normally be wireless). The HTPC is usually equipped with specific entertainment 
software that can be used to manage the music and video files stored on the 
computer. The PCs are generally located near the TV and other home 
entertainment devices and have a HTPC form factor, which is aesthetically 
appealing and designed to look similar to other home entertainment devices. 
They are also designed to be less noisy than a traditional PC, with more compact 
quieter cooling methods and the addition of sound dampening foam or padding 
to limit excessive noise generated by the fan and hard drive. 

A home server PC is either an HTPC with a slightly expanded role or a 
repurposed desktop or low-end PC server used primarily for file storage, media 
streaming, and printer sharing. Such PCs do not need to be particularly powerful 
in terms of CPU and memory, but they will need a good network link. Most 
would also be configured with RAID storage to reduce the risk of losing valuable 
movie and audio files, even though there should be a backup system in place to 
protect against theft, fire, or accidental deletion. 

There are also purpose-built devices to fill a home server role. A Network 
Attached Storage (NAS) appliance is a hard drive (or RAID array) with a cut- 
down server board, usually running some form of Linux, that provides network 
access, various file sharing protocols, and a web management interface. The 
appliance is accessed over the network, either using a wired Ethernet port or Wi- 
Fi. In a SOHO network you would plug the NAS device into an Ethernet port on 
the Internet router. 


Note: Most network adapters (or Network Interface Cards [NIC]) in machines from 
the last few years will be Gigabit Ethernet capable. It may be worth upgrading the 
adapter on an older machine but you need to bear in mind that many of the 
SOHO Internet router appliances come with Fast Ethernet switch ports (100 Mbps) 
rather than Gigabit ones. It will usually make more sense to install two adapters 
and bond them. The vast majority of homes will be using Wi-Fi streaming in any 
case and the most useful upgrade will be to 802.11n or 802.11ac. 


As well as sharing the disk resource, a NAS box will usually be able to share a 
printer. It will also be able to make files available over the Internet, using HTTP or 
FTP. Care needs to be taken to secure the device and the router/firewall properly 
if this is the case. 


Some NAS devices and home server PCs can stream media files to wireless 
speakers or an IP-enabled TV (or various other types of media player). A 
streaming media server will have higher demand for CPU, memory, and 
bandwidth than an ordinary file server. 

Most SOHO Internet router appliances can perform a basic file and printer sharing function, 
using USB-attached storage. (Screenshot courtesy of TP-Link.) 

* Gaming PCs. 


* A PC built for gaming is almost always based around the latest graphics adapter 
technology. Of course, the latest games tend to be able to make the latest 
graphics technology obsolete within a few months of release, so upgrade 
potential is a key characteristic of these systems. PC games feature lots of media 
assets that must be loaded from permanent storage so a fast drive technology 
such as a Solid State Drive (SSD) is preferable to slower hard disks (HDD). 


Gaming PCs will share some of the traits of a home theater PC: surround sound 
audio and a high quality display. There are also gaming-oriented peripherals, 
such as keyboards and mice. Many games also benefit from headsets, so that 
players can bark instructions at one another as they eliminate enemies over the 
Internet. Low-latency, high bandwidth Internet access is almost as important to 
the average gamer as the frame rate the system's GPU can achieve. 

The addictive nature of PC games means that the processors are very highly 
utilized, or thrashed for considerable periods of time. Some gamers are also 
fond of overclocking components to obtain better performance. All this means 
that a gaming PC will generate more heat than most other types of computer. It 
is not unusual for them to use more powerful fans (which must run silently of 
course) or liquid cooling. 

* There are many different peripherals used within the gaming world. The most 
common ones include the mouse and keyboard, but there are others that may be 
used depending on the type of game played. These might include: 

* Gaming mice that are either wired or wireless and include many buttons and 
different ergonomic form factors. 

* Customized keypads, with moveable keys. 

* Steering wheels used for auto racing games. 

* 3D glasses. 

* Specialized gaming mouse pads. 

* Specialized audio system. 

* PC video camera. 

GUIDELINES FOR SELECTING COMPONENTS FOR A CUSTOM 
PERSONAL COMPUTER 


Note: All of the Guidelines for this lesson are available as checklists from the Checklist 
tile on the CHOICE Course screen. 


Here are some guidelines to consider when selecting components for custom personal 
computers. 


SELECT COMPONENTS FOR A CUSTOM COMPUTER 
Follow these guidelines when selecting components for a custom computer: 
* Verify that the computer meets or exceeds the operating system and application 
requirements. This should include the fastest and most reliable: 
* RAM 
* CPU 
* Storage subsystem 
* Video subsystem, including a fast refresh rate on the monitor 
* Verify that you know the main intended use of the computer. It might be for 
CAD/CAM, A/V editing, watching TV and movies, or gaming. While each of these 
types of custom computers requires better performance than the average PC, each 
will likely have specific requirements that should be verified with the end user. 
* Consider installing additional cooling mechanisms to keep the system from 
overheating. 
* Verify that the network card, the router, and the network cabling or WiFi signal are 
all capable of the highest possible speed. 
* Consider purchasing specialized devices for the work that will be performed on the 
custom computer. This might include specialized keyboards, mice, or other 
adapters to connect specific devices such as MIDI instruments, video cameras, or 
manufacturing machines, to name just a few. 
* Implement a RAID system to help ensure data is not lost. This should be in addition 
to performing regular backups that are securely stored off site. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Configure Thick and Thin Client Personal Computers. 

Activity 4-9 


Discussing Custom PC Configuration 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Which component is likely to be a performance bottleneck on a workstation 
used to edit digital movies? 


2. For what type of workstation is a CPU with 4 or more cores particularly well 
suited? 


3. You are specifying a PC to act as a home theater. What multimedia outputs 
should it support? 


4. Which factors are most likely to make a PC used for gaming require high-end 
cooling? 


5. On a thin client, which component is more important: NIC or HDD? 


6. Why might high-spec components (CPU, memory, RAID) not be a good idea in 
a home theater PC? 

Activity 4-10 


Selecting Components for Custom 
Workstations 


SCENARIO 


You have been asked by your manager to evaluate the hardware and software needs 
for all the clients within the Human Resources (HR) department of your organization. 
There was a recent reorganization of the department, and some of the job roles and 
functions have changed. Based on the recent changes, you need to review the job 
functions and identify what type of client workstation will meet those needs. 


1. A user needs to be able to access the central employee data repository to 
run reports, but does not need access to any local applications used to 
create, edit, and manage the employee data. The employee data is managed 
on a server that can be accessed with a log in. What type of client is best in 
this case? 


O Thin client 
O Virtualization workstation 
O Thick client 


2. June has recently been put in charge of making updates to the Human 
Resource employee benefits website. She will be publishing a monthly 
newsletter and posting company-wide announcements, among other small 
updates and changes, on a regular basis. All changes to the website must be 
tested on a number of platforms and web browsers to verify that the 
changes are correct regardless of the operating system and browser. What 
type of client setup would you suggest for her? 


3. In order to properly support the HR employee benefits website, a new server 
running client VMs has been installed so that the environment that the 
application requires can be strictly administered by IT staff. Current PCs will 
be used to access the Client VM environment that is configured on the VM 
Server. What needs to be present at all PCs that will be accessing this new 
server and application? 


O Appropriately configured VM Client. 
O Fast network connection to server hosting the VM environment. 
O Upgrade to video cards. 

4. True or False? The HR manager's client computer must meet the 
recommended requirements to run Windows 10 so that she can access and 
use all of the HR-related applications used by the organization. In this case, 
the best client option is a thick client. 

Activity 4-11 


Selecting Components for Custom 
Personal Computers 


SCENARIO 


You are a support technician for a local business that specializes in consulting, 
purchasing, and installing home computing solutions for consumers. You are 
responsible for fulfilling all the orders that have come in overnight through the 
business' website. 


1. Customer 1 is using a desktop PC to play home movies and to set up slide shows 
to show his family their vacation photos and is having difficulty with the computer 
freezing during the movies. He is looking for a solution that will allow him to store 
and play his movies seamlessly through a computer. He also wants his wife to be 
able to access the pictures and movies from her laptop within the house. 


What type of computer setup would you suggest for this customer? What 
specific questions might you ask this customer about additional component 
needs? 


2. Customer 2 is from a small real estate office that has recently hired a graphic 
designer to produce informational pamphlets and other marketing materials for 
the agency, such as property drop sheets and circular layout designs. The office 
manager has asked your company to determine the hardware and software 
needs for the designer's workstation so that it can be ordered and set up before 
their scheduled start date in two weeks. 


What hardware and software requirements would you suggest for the 
graphic designer's workstation? 

3. Customer 3 is looking to make the switch from a traditional TV cable box and DVD 
player to a home theater PC, so that she can stream Netflix and record shows and 
movies from her TV. She already purchased a computer from a local home 
entertainment store but cannot figure out why she cannot connect the cable TV 
wire into the computer. 


What would you check for first? 

Summary 


In this lesson, you installed, configured, and performed troubleshooting on internal 
system components such as CPUs, system firmware, and power supplies. You also 
examined the requirements for configuring custom PCs for specific uses. Your ability 
and comfort level in performing these types of hardware support will make you a 
valuable asset to your IT team. 


Which system firmware have you worked with, if any? What types of 
configuration did you perform? 


What types of custom client setups do you think you will encounter the most in 
your role as an A+ technician? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 

Lesson 5 


Installing, Configuring, and Troubleshooting 
Print Devices 


LESSON INTRODUCTION 


Despite predictions that computers would bring about a paperless office environment, the need to 
transfer digital information to paper or back again remains as strong as ever. Therefore, printing is 
still among the most common tasks for users in almost every home or business environment. As a 
CompTIA® A+® certified professional, you will often be called upon to set up, configure, and 
troubleshoot printing environments, so you will need to understand printer technologies as well as 
know how to perform common printer support tasks. 


As a professional support technician, you might be supporting the latest cutting-edge technology, 
or you might be responsible for ensuring that legacy systems continue to function adequately. So, 
you must be prepared for either situation and be able to provide the right level of support to users 
and clients. Having a working knowledge of the many printer technologies and components will 
help you to support users' needs in any technical environment. 


LESSON OBJECTIVES 

In this lesson, you will: 

* Maintain laser printers. 

* Maintain inkjet printers. 

* Maintain impact, thermal, and 3D printers. 

* Install and configure printers. 

* Troubleshoot print device issues. 

* Install and configure imaging devices. 

Topic A 


Maintain Laser Printers 


EXAM OBJECTIVES COVERED 
1001-3.6 Explain the purposes and uses of various peripheral types. 
1001-3.11 Given a scenario, install and maintain various print technologies. 


Before you can provide the right level of support, you must fully understand how these 
systems are used in a production environment. You need to understand how the 
various components work within a printer to provide the desired outputs. In this topic, 
you will identify components of, and the print process for, laser printer technologies. 


PRINTER TYPES 


A printer is a device that produces text and images from electronic data onto physical 
media such as paper, photo paper, and labels. A printer output of electronic 
documents is often referred to as hard copy. Printers employ a range of technologies; 
the quality of the print output varies with the printer type and generally in proportion 
to the printer cost. 


A printer type or printer technology is the mechanism used to make images on the 
paper. The most common types for general home and office use are inkjet (or ink 
dispersion) and laser, though others are used for more specialist applications. Some 
of the major print device vendors include HP, Epson, Canon, Xerox, Brother, OKI, 
Konica/Minolta, Lexmark, Ricoh, and Samsung. 

There are many types of printers. Each type of printer, and each printer from different 
manufacturers, implements the printing process slightly differently. All of the printers 
will have the following common components: 

* A connection to computing devices. 

* A mechanism for creating text and images. 

* A paper feed mechanism. 

* Paper input and output options. 


Each of these will be discussed in detail throughout this lesson. 


PRINTER FEATURES 


The following criteria are used to select the best type and model of printer. 


SPEED 

The basic speed of a printer is measured in Pages Per Minute (ppm). You will see 
different speeds quoted for different types of output (for example, pages of 
monochrome text will print more quickly than color photos). 


INTERFACES 


Almost all printers support USB, but printer models designed for workgroups also 
support network connections, usually at a higher cost than standard models. Wireless 
connections may also carry a price premium. 

IMAGE QUALITY 


The basic measure of image quality is the maximum supported resolution, measured 
in dots per inch (dpi). Printer dots and screen image pixels are not equivalent. It 
requires multiple dots to reproduce one pixel at acceptable quality. Pixel dimensions 
are typically quoted in pixels per inch (ppi) to avoid confusion. Vertical and horizontal 
resolution are often different, so you may see figures such as 2400x600 quoted. The 
horizontal resolution is determined by the print engine (that is, either the laser 
scanning unit or inkjet print head); vertical resolution is determined by the paper 
handling mechanism. 


The minimum resolution for a monochrome printer should be 600 dpi. Photo-quality 
printers start at 1200 dpi. 


Resolution is not the only factor in determining overall print quality, however 
(especially with color output). When evaluating a printer, obtain samples to judge text 
and color performance. 


Note: Image quality needs to be matched to use. The best quality will be correspondingly 
expensive. Always request sample sheets when evaluating a printer. 


PAPER HANDLING 


Paper handling means the type of paper or media that can be loaded. It may be 
important that the printer can handle labels, envelopes, card stock, acetate, and so on. 
The amount of paper that can be loaded and output is also important in high volume 
environments. Overloaded output trays will cause paper jams. If the output tray is low 
capacity, this could happen quite quickly in a busy office. 


TOTAL COST OF OWNERSHIP (TCO) 


TCO is the cost of the printer over its lifetime, including the cost of replacement 
components and consumables. It is important to know how a printer will be used to 
work out TCO. 


OPTIONS 


Options might include additional memory, duplex (double-sided) printing, large format 
(A3 and greater), binding, and so on. These may be fitted by default or available for 
additional purchase as optional extras. 


MULTI-FUNCTION DEVICE (MFD) 


An MFD is a piece of office equipment that performs the functions of a number of 
other specialized devices. MFDs typically include the functions of a printer, scanner, fax 
machine, and copier. However, there are MFDs that do not include fax functions. 
Although the multifunction device might not equal the performance or feature sets of 
the dedicated devices it replaces, multi-function devices are very powerful and can 
perform most tasks adequately and are an economical and popular choice for most 
home or small-office needs. 


LASER PRINTERS 


A laser printer is a printer that uses a laser beam to project (or "draw") a latent image 
onto an electrically charged drum; toner adheres to the drum and is transferred onto 
the paper as the paper moves through the mechanism at the same speed the drum 
rotates. The toner is fixed using high heat and pressure, creating a durable printout 
that does not smear or fade. 

Laser printers are one of the most popular printer technologies for office applications 
because they are cheap (both to buy and to run), quiet, and fast, and they produce 
high quality output. There are both grayscale and color models. 


LASER PRINTER IMAGING PROCESS 


In the laser printing process, laser printers print a page at a time using a combination 
of electrostatic charges, toner, and laser light. The laser print process follows the steps 
detailed in the following sections. 


[Figure labels: toner supply; corona wires charging the drum; fusing unit uses heat and pressure to adhere toner to paper; paper source.] 


The laser print process. 


PROCESSING 

Like most printers, laser printers produce their printed output in a series of dots. The 
computer encodes the page in a printer language and sends it to the printer. The 
printer's formatter board processes the data to create a bitmap (or raster) of the page 
and stores it in the printer's RAM. 


The entire laser printer cycle takes place in one smooth sequence but, since the 
circumference of the drum that processes the image is smaller than a sheet of paper, 
the process must be repeated 2-4 times (according to size) to process a single page. 


CHARGING (CONDITIONING) 

The electrostatic photographic (EP) drum, or imaging drum, is conditioned by a 
corona wire powered by a high voltage power supply assembly. The corona wire 
applies a uniform -600 V electrical charge across the drum's surface. A laser printer has 
a power supply capable of generating very high voltages. It converts the supplied 
current to optimal AC and DC voltages for specific components, such as the corona 
wire. 


Note: The charging corona is also referred to as the primary corona. On most modern 
printers, the function of the charging corona wire is actually performed by a metal roller 
with a rubber coating—the Primary Charge Roller (PCR). 

EXPOSING (WRITING) 


The surface coating of the photosensitive drum loses its charge when exposed to light. 
A laser neutralizes the charge that was applied by the corona wire selectively, dot-by-dot 
and line-by-line, as the drum rotates. The laser-scanning assembly houses a small, 
low-power laser, similar to that used in an optical drive. As the laser receives the image 
information, it fires a short pulse of light for each dot in the raster. The pulsing light 
beam is reflected by a rotating polygonal mirror through a system of lenses onto the 
photosensitive drum. The drum ends up with a whole series of raster lines with 
charge/no-charge areas that represent an electrostatic latent image of the image to 
be printed. 


DEVELOPING 


Laser (and photocopier) toner is composed of a fine compound of dyestuff and either 
wax or plastic particles. The toner is fed evenly onto a magnetized roller (the 
developer roller) from a hopper. 


The developer roller is located very close to the photosensitive drum. The toner carries 
the same negative charge polarity as the drum, which means that, under normal 
circumstances, there would be no interaction between the two parts. However, once 
areas of charge have been selectively removed from the photosensitive drum by the 
laser, the toner is attracted to them and sticks to those parts of its surface. The drum, 
now coated with toner in the image of the document, rotates until it reaches the paper. 


TRANSFERRING 


The paper transport mechanism includes components such as gears, pads, and rollers 
that move the paper through the printer. Paper loaded into a tray should be held by 
media guides. The printer uses sensors from the guides to detect the paper type. 
Different trays may support different types, sizes, and thicknesses of media. Pickup 
components lift a single sheet of paper from the selected input tray and feed it into the 
printer. To do this, a pickup roller turns once against the paper stack, pushing the 
paper into a feed and separation roller assembly (the manual feed tray uses a 
separation pad rather than rollers). This assembly is designed to allow only one sheet 
to pass through. 


Pickup, feed, and separation rollers on an HP 5Si laser printer. 

When the paper reaches the registration roller, a signal tells the printer to start the 
image development process. When the drum is ready, the paper is fed between the 
photosensitive drum and the high voltage transfer roller (or secondary corona). The 
transfer roller applies a positive charge to the underside of the paper. This causes the 
toner on the drum to be attracted to the paper. As the paper leaves the transfer 
assembly, a static eliminator strip (or detac corona) removes any remaining charge 
from the paper, which might otherwise cause it to stick to the drum or curl as it enters 
the fuser unit. 


FUSING 


From the drum and transfer assembly, the paper passes into the fuser assembly. The 
fuser unit squeezes the paper between a hot roller and a pressure roller so that the 
toner is fused, or melted, onto the surface of the paper. The hot roller is a metal tube 
containing a heat lamp; the pressure roller is typically silicon rubber. The heat roller 
has a Teflon coating to prevent toner from sticking to it. 


CLEANING 


To complete the printing cycle, the photosensitive drum is cleaned to remove any 
remaining toner particles using a cleaning blade, roller, or brush resting on the 
surface of the drum. Any residual electrical charge is removed using either a discharge 
(or erase lamp) or the primary charge roller. 


DUPLEX PRINTING AND PAPER OUTPUT PATH 


When the paper has passed through the fuser, if a duplexing assembly unit is 
installed, it is turned over and returned to the developer unit to print the second side. 
Otherwise, the paper is directed to the selected output bin using the exit rollers. 


If there is no auto duplex unit, the user can manually flip the paper stack. When duplex 
mode is selected for the print job, the printer pauses after printing the first side of 
each sheet. The user must then take the printed pages and return them (without 
changing the orientation) to the same input paper tray. Once this is done, the user 
resumes the print job. 


COLOR LASER PRINTERS 


Color laser printers, once very highly priced and positioned at the top end of the 
market, are becoming more affordable, with medium quality, entry-level models priced 
competitively against inkjet equivalents. Color lasers use separate color toner 
cartridges (Cyan, Magenta, Yellow, and Black) but employ different processes to create 
the image. Some may use four passes to put down each color; others combine the 
colors on a transfer belt and print in one pass. 


LED PRINTERS 


A traditional laser printer uses a laser with a rotating mirror and prisms to scan across 
each raster line. An LED printer uses a fixed array of tiny Light Emitting Diodes (LED) to 
create the light pulses for each dot in each scan line. Vendors claim that with fewer 
moving parts, LED printers can be more reliable than lasers, but damage to the LED 
array is expensive to repair. LED printers are usually much lighter than laser printers, 
however, and print speeds can be a bit faster. 


LASER PRINTER MAINTENANCE TASKS 


As devices with moving parts and consumable items that deplete quickly, printers need 
more maintenance than most other computer devices. Printers generate a lot of dirt— 
principally paper dust and ink/toner spills—and consequently require regular cleaning. 
Consumable items also require replacing frequently under heavy use. To keep them 
working in good condition requires a regular maintenance schedule and user training. 

One of the first steps in maximizing the lifetime of a printer is to train users to treat it 
with sufficient care and attention. Depending on the environment, users might be 
expected to perform basic maintenance tasks—such as reloading paper and changing 
cartridges. Typical problems include: 


* Overloading input trays or output trays (not collecting completed jobs promptly). 

* Using unsuitable media—for example, card stock or labels in an auto-feed tray. 

* Using creased, folded, or dirty paper. 

* Breaking trays or covers. 

* Inserting ink or toner cartridges incorrectly. 

It is also easy for users to be confused by settings such as default paper size, 
form-to-tray assignment, duplex printing, printing to labels or envelopes, collating multiple 
copies, and dealing with paper jams. 


Note: For best results and to stay within warranty, use branded supplies designed for the 
specific model of printer. 


Most laser printers benefit from regular, routine maintenance to ensure optimum print 
quality. 


LOADING PAPER 


The printer will report when a tray runs out of paper. When loading new paper, 
remember the following guidelines: 


* Use good quality paper designed for use with the model of printer that you have 
and the printing function. 

* Do not overload a paper tray. 

* Do not use creased, dirty, or damp paper. 

* Refer to the instruction manual when loading non-standard print media, such as 
transparencies or envelopes. Make sure this type of material is oriented correctly to 
avoid wasting stocks. 


You will also need to deal with paper jams. The printer's status panel will indicate what 
area of the printer is jammed. Check the instruction manual to find out how to remove 
any components that might prevent you from removing the paper. 


Note: Do not allow a jammed page to rip! If a page is stuck in the fuser or developer 
unit, look for a release mechanism or lever. 


REPLACING THE TONER CARTRIDGE 


Laser printer toner is a fine powder made of particles of iron, carbon, and resin. Laser 
printers require a toner cartridge, which is a single, replaceable unit that contains 
toner as well as additional components used in image production. You will need to 
maintain a supply of the proper toner cartridges for your printer model. Refill or 
recycle empty toner cartridges; do not dispose of them in regular trash. 


Users can change toner cartridges, but everyone should follow proper handling 
procedures, which are usually printed right on the cartridge. When toner is low, the 
printer will display a status message advising you of the fact. Frugal departments may 
continue printing until the actual output starts to dip in quality. Removing the cartridge 
and rocking gently from front-to-back can help to get the most out of it. 


To replace the toner cartridge, remove the old cartridge by opening the relevant 
service panel and pulling it out. Place the cartridge in a bag to avoid shedding toner 
everywhere. Color lasers will usually have four cartridges for the different colors, which 
can be replaced separately. 

Accessing the toner cartridge on a printer. (Image by Andriy Popov © 123RF.com.) 


Take the new cartridge and remove the packing strips as indicated by the instructions. 
Rock the cartridge gently from front-to-back to distribute the toner evenly. Insert the 
cartridge, close the service panel, turn on, and print a test page. 


If possible, dispose of old cartridges by recycling them. 


Note: The replacement cartridge often incorporates both toner and the photosensitive 
drum. An integrated toner cartridge/drum unit is light-sensitive. If you remove it, place it 
in its storage bag or in a dark area. Remove the cartridge for as short a time as possible. 


CLEANING A PRINTER 


The manufacturer's recommendations for cleaning and maintenance must always be 
followed, but the following guidelines generally apply: 


* Unplug the printer before cleaning or performing routine maintenance. 

* Use a damp cloth to clean exterior surfaces. 

* Do not use volatile liquids such as thinners or benzene to clean the interior or 
exterior of the printer. Use only approved cleaning solutions or solvents specifically 
designed for the job. 

* The inside of the printer may be hot—take care. 

* Wipe dust and toner away with a soft cloth. DO NOT use an ordinary domestic 
vacuum cleaner. Toner is conductive and can damage the motor. Toner is also so 
fine that it will pass straight through the dust collection bag and back into the room. 
Use an approved toner safe vacuum if necessary. 


Note: Do not use compressed air or an air blaster to clean a laser printer! You 
risk blowing toner dust into the room, creating a health hazard. Compressed air 
should only be used in a controlled environment with appropriate safety masks and 
goggles. 


* If toner is spilled on skin or clothes, wash it off with COLD water. Hot water will 
open the skin's pores and push the toner into the skin. 

* Use IPA (99% Isopropyl Alcohol solution) and non-scratch, lint-free swabs to clean 
rollers. Take care not to scratch a roller. 

* Check the manufacturer's recommendations for replacing the printer's dust/ozone 
filters (if fitted). 

CALIBRATING A PRINTER 


Calibration is the process by which the printer determines the appropriate print 
density or color balance (basically, how much toner to use). Most printers calibrate 
themselves automatically. If print output is not as expected, you can often invoke the 
calibration routine from the printer's control panel or its software driver. 


REPLACING THE MAINTENANCE KIT 


A maintenance kit is a set of replacement feed rollers, new transfer roller, and a new 
fuser unit. The feed rollers guide paper through the printer assembly. When they begin 
to wear out, paper jams become more frequent. Wear on the fuser or rollers is also 
evidenced by consistent marks on print output or excess toner "blobs" appearing on 
sheets. 


Replacement of the maintenance kit is guided by the printer's internal record of the 
number of pages that it has printed (copy count). The printer's status indicator will 
display the message "Maintenance Kit Replace" at this point. 


Before replacing the kit, turn off the printer, disconnect from the power, open the 
service panels, and allow it to cool (the fuser unit becomes extremely hot and may 
cause burns). Remove the old fuser and rollers and clean the printer. Install the fuser 
and new rollers (don't forget to remove the packing strips), following the instructions 
carefully. 


An example of a maintenance kit with feed rollers, new transfer rollers and a new fuser unit. (Image by 
Inga Tihonova © 123RF.com.) 


Once you have replaced the maintenance kit, start the printer up and print a test page 
to check functionality. Use the property sheet or the printer's control panel menu (for 
example, the Configuration menu on an HP printer) to reset the page count to zero. 


As with toner cartridges, try to use a recycling program to dispose of the fuser unit in 
an environmentally responsible manner. 

Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Maintain Laser Printers. 

Activity 5-1 


Discussing Laser Printer Maintenance 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Why is a laser printer better suited to most office printing tasks than an 
inkjet? 


2. What makes the power supply in a printer different to that used in a PC? 


3. How is the imaging drum in a laser printer charged? 


4. What is the removal of the charge from the photosensitive drum by a laser 
called? 


5. What is the process of image transfer? 


6. What must you do before installing a new toner cartridge into a printer? 


7. Which components are provided as part of a laser printer maintenance kit? 

Topic B 


Maintain Inkjet Printers 


EXAM OBJECTIVES COVERED 
1001-3.11 Given a scenario, install and maintain various print technologies. 


Inkjets are often used for good-quality color output and domestic use. Inkjets are 
typically cheap to buy but expensive to run, with high cost consumables such as ink 
cartridges and high-grade paper. Compared to laser printers, they are slower and often 
noisier, making them less popular in office environments, except as a cheap option for 
low volume, good quality color printing. 


INKJET PRINTERS 


An inkjet—or more generally ink dispersion—printer forms images by firing 
microscopic droplets of liquid ink out of nozzles mounted together on a carriage 
assembly that moves back and forth across the paper. The printer can use heat or 
vibrations to release the ink. 


Color images are created by combining four inks, referred to as CMYK (Cyan, Magenta, 
Yellow, and Black [K]). The inks are stored in separate reservoirs, which may be 
supplied in single or multiple cartridges. 


Note: The "K" in CMYK is usually explained as standing for "key," as in a key plate used to 
align the other plates in the sort of offset print press used for professional color printing 
in high volumes. It might be more helpful to think of it as "black," though. 


There are many types of inkjet printers, ranging from cheaper desktop models, 
through "prosumer" high quality photo printers, to large format, commercial print 
solutions. Higher quality printers feature additional ink colors (light magenta and light 
cyan). These help to produce a wider range of colors (gamut). 


INKJET PRINTER IMAGING PROCESS 


Inkjets work by firing microscopic droplets of ink (about 50 microns in size) at the 
paper. The process creates high quality images, especially when specially treated paper 
is used, but they can be prone to smearing and fading over time. 


An inkjet print head is composed of a series of very small holes or nozzles, behind 
which can be found a reservoir of ink. Under normal conditions, the ink cannot flow 
through the nozzles because the gap is very small, and the ink reservoir is kept at a 
pressure slightly below that of the ambient pressure. Characters are formed when a 
small controlled amount of ink is forced through voltage-charged deflection plates and 
onto the paper. By synchronizing this action with the movement of the print head 
across the paper, text and images can be built up in a series of differently shaded or 
colored dots. 


Inkjet printers are line printers—where laser printers are page printers—because they 
build up the image line-by-line (or at least, row-by-row). A stepper motor moves the 
print head across the page, advancing a tiny amount each time. On some types of 
printer, ink is applied when the print head moves in one direction only (unidirectional); 
on others, ink is applied on both the "outward" and "return" passes over the page 
(bidirectional). When a line or row has been completed, another stepper motor 
advances the page a little bit and the next line or row is printed. 


If the printer has been idle for some time (or when it is first started up), it applies a 
cleaning cycle to the print head to remove any dried or clogged ink. This means 
pushing ink through all the print heads at once then wiping it away into a waste ink 
collector. The cleaning cycle can also be invoked manually through the printer control 
panel or driver. 


[Figure labels: ink is sprayed onto the paper; printhead and reservoir.] 


The inkjet printing process. 


COMPONENTS OF INKJET PRINTERS 


There are two main Ink Delivery Systems (IDS). The charge (or piezoelectric) method is 
used by Epson. The thermal method is used by HP, Canon (who refer to it as 
Bubblejet), and Lexmark. Each of these four vendors has licensed their inkjet 
technology to several other vendors or produces re-branded versions of their printers. 


THERMAL PRINT HEADS 


With the thermal method, the ink at the nozzle is heated, creating a bubble. When the 
bubble bursts, it sprays ink through the nozzle and draws more ink from the reservoir. 
In general, thermal inkjet print heads are cheaper and simpler to produce, but the 
heating elements have a relatively short life. Most thermal printers use a combined 
print head and ink reservoir. When the ink runs out, the print head is also replaced. 


PIEZOELECTRIC PRINT HEADS 


In the Epson design, the nozzle contains a piezoelectric element, which changes shape 
when a voltage is applied. This acts like a small pump, pushing ink through the nozzle 
and drawing ink from the reservoir. 


INK CARTRIDGES 


Inkjet print heads are often considered consumable items. Often this is unavoidable 
because the print head is built into the ink cartridge, as is the case with most (but not 
all) thermal print heads. Epson piezoelectric print heads are non-removable and 
designed to last as long as the rest of the printer components. 

As well as containing ink, the ink reservoir has sensors to detect the level of ink 
remaining. A color printer has at least four ink reservoirs (Black, Cyan, Magenta, and 
Yellow). The four ink reservoirs may come in a single cartridge or there may be 
separate cartridges for black and colored ink or each ink may come in its own 
cartridge. 


Ink cartridges. (Image by © 123RF.com.) 


CARRIAGE SYSTEM 

The print head is moved back and forth over the paper by a carriage system. This 
comprises a stepper motor (to drive the system), a pulley and belt (to move the print 
head), a guide shaft (to keep the print head stable), and sensors (to detect the position 
of the print head). A flat ribbon data cable connects the print head to the printer's 
circuit board. 


There may also be a lever used to set the platen gap or the printer may adjust this 
automatically depending on driver settings. The platen gap is the distance between the 
print head and the paper. Having an adjustable platen gap allows the printer to use 
thicker media. 


The carriage mechanism in an inkjet printer. (Image by Erik Bobeldijk © 123RF.com.) 

PAPER HANDLING AND DUPLEXING ASSEMBLY 


Most inkjets only support one paper path, with single input and output trays, though 
some have automatic duplexers, and some may have accessory trays. Printers are 
generally split between models that load from the top and output at the bottom and 
those that have both input and output bins at the bottom and turn the paper (an 
"up-and-over" path). 


The paper pickup mechanism is quite similar to that of a laser printer. Paper is fed into 
the printer by an AutoSheet Feeder (ASF) mechanism. A load roller turns against the 
paper stack to move the top sheet while a separation roller prevents more than one 
sheet entering. 


When the paper is sufficiently advanced, it is detected by a sensor. Feed rollers and 
sensors then ensure the paper is positioned correctly for printing to begin. The stepper 
motor controlling the paper feed mechanism advances the paper as the print head 
completes each pass until the print is complete. 


The eject rollers then deliver the paper to the duplexing assembly (if installed and 
duplex printing has been selected) or the output bin. Some inkjets with a curved paper 
path may have a "straight-through" rear panel for bulkier media. 


INKJET PRINTER MAINTENANCE TASKS 


Inkjets do not usually handle such high print volumes as laser printers, so maintenance 
focuses on paper stocking and replacing or refilling ink cartridges, which always seem 
to run down very quickly. Manufacturers recommend not trying to clean inside the 
case as you are likely to do harm for no real benefit. The outside of the printer can be 
cleaned using a soft damp cloth. 


LOADING PAPER 


Inkjets tend to have smaller paper trays than laser printers and so can need restocking 
with paper more often. Most inkjets can use "regular" copier/laser printer paper but 
better results can be obtained by using less absorbent premium grades of paper stock, 
specifically designed for inkjet use. Often this type of paper is designed to be printed 
on one side only—make sure the paper is correctly oriented when loading the printer. 


As with laser printers, you will also need to clear paper jams. With an inkjet, it is usually 
easy to see exactly where the paper has jammed. If the sheet will not come out easily, 
do not just try to pull it harder—check the instruction manual to find out how to 
release any components that might prevent you from removing the paper. 


REPLACE INKJET CARTRIDGES 


When the inkjet's driver software determines that a cartridge is empty, it will prompt 
you to replace it. Check the printer's instruction manual for the correct procedure. 


OTHER INKJET MAINTENANCE OPERATIONS 


Two other operations may be required periodically. 


* Print head alignment—if output is not aligned correctly, use the print head 
alignment function from the printer's property sheet to calibrate the printer. This is 
typically done automatically when you replace the ink cartridges. 

* Print head cleaning—a blocked or dirty nozzle will show up on output as a missing 
line. Use the printer's cleaning cycle (accessed via the property sheet or control 
panel) to try to fix the problem. If it does not work, there are various inkjet cleaning 
products on the market. 

[Screenshot: EPSON S22 Series Printing Preferences dialog, Maintenance tab, listing the EPSON Status Monitor 3, Nozzle Check, Head Cleaning, Print Head Alignment, Ink Cartridge Replacement, and Paper Guide Cleaning utilities.] 

Use the Maintenance or Tools tab on an inkjet printer's property sheet to access cleaning routines and 
calibration utilities. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Maintain Inkjet Printers. 

Activity 5-2 


Discussing Inkjet Printer Maintenance 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Which inks are typically used in the color printing process? 


2. What two types of print heads are used by inkjet printers? 


3. You have been asked to perform basic maintenance on an inkjet printer. One of 
the users noticed that the colors are not printing correctly and that the bottom of 
some letters are not printing. 


What would you do? 


4. Can inkjet printers use plain copy paper? 


5. What is an ASF? 




Topic C 


Maintain Impact, Thermal, and 3D Printers 


EXAM OBJECTIVES COVERED 
1001-3.11 Given a scenario, install and maintain various print technologies. 


Laser and inkjet printers are widely deployed but there are a number of other printer 
types that are better optimized for certain tasks. In this topic, you will learn about 
thermal, impact, and 3D printer types. 


IMPACT PRINTERS 


An impact printer strikes an inked ribbon against paper to leave marks. One common 
type is the dot matrix printer, which uses a column of pins (also called print wires) to 
strike the ribbon. 


Desktop dot matrix printers are no longer very widely deployed, but they are still used 
for specialist functions such as printing invoices or pay slips, on continuous, tractor-fed 
paper. Portable models are still widely used for printing receipts. 


Example of a dot matrix printer. (Image © 123RF.com.) 

COMPONENTS OF IMPACT PRINTERS 


Impact printers are composed of a ribbon cartridge, rollers, and pins for moving paper 
through the printer, a printhead composed of a number of electromagnetic pins, and 
some optional components, which might include a paper tray, an output tray, and a 
support for sheet-fed paper. 


IMPACT PRINTER CONSUMABLES 


Impact printers can be used with either plain, carbon, or tractor-fed paper: 


* Plain paper is held firmly against the moving roller (the platen) and pulled through 
the mechanism by friction as the platen rotates. A cut sheet feeder may be added to 
some printers to automate the process of providing the next page. 

* Carbon paper (or impact paper) is used to make multiple copies of a document in 
the same pass (hence carbon copy, or "cc"). A sheet of carbon paper is inserted 
between each sheet of plain paper and when the print head strikes, the same mark 
is made on each sheet. 

* Tractor-fed paper is fitted with removable, perforated side strips. The holes in 
these strips are secured over studded rollers at each end of the platen. This type of 
paper is more suitable for multi-part stationery as there is less chance of skewing or 
slippage since the end rollers fix the movement of the paper. 


PAPER FEED MECHANISMS 


Impact printers can use either tractor feed when printing on continuous-roll impact 
paper, or friction feed when printing on individually cut sheets of paper. Tractor feed 
uses pairs of wheels with pins evenly spaced around the circumference at a set 
spacing. Continuous-roll paper with matching holes in the edges fits over the pins. The 
wheels turn and pull the paper through the printer. There are usually just two wheels, 
but there might be additional wheels or pin guides that the paper is latched to. There is 
usually a lever or other setting on the printer that needs to be engaged in order to use 
the tractor feed. 


Friction feed uses two rollers placed one on top of the other. The rollers turn to force 
individual cut sheets of paper or envelopes through the paper path. This is used to 
print on individual sheets of paper (cut-sheet paper) and envelopes. Be sure to set the 
printer lever or other setting to the cut-sheet mode when printing using friction feed. 


IMPACT PRINTER RIBBONS 


An impact printer will also have some form of replaceable ribbon. Older-style printers 
used to have a two-spool ribbon. However, most units now have a cartridge device that 
slots over or around the carriage of the print head. These integrated ribbons simplify 
the design of the printer because they can be made as a complete loop moving in one 
direction only. The two-spool design requires a sensor and reversing mechanism to 
change the direction of the ribbon when it reaches the end. 


When the ribbon on an impact printer fails to produce sufficiently good print quality, 
the ribbon-holder and contents are normally replaced as a whole. Some printers can 
use a re-usable cartridge. 


IMPACT PRINTER IMAGING PROCESS 


In a dot matrix printer, the pins are contained in the print head, which is secured to a 
moving carriage that sweeps across the paper. The pins are fired by coils of wire called 
solenoids. When a coil is energized, it forms a strong electromagnet that causes the 
metal firing pin to move sharply forwards, striking the ink-bearing ribbon against the 
paper. A strong permanent magnet moves the pins back into their resting position 
immediately after firing. 

Note: Do not touch the print head after using the printer. The print head can become 
very hot, even after short periods of use. 


The output quality of a dot-matrix printer is largely governed by the number of pins in 
the print head. Most modern printers use 9-pin or 24-pin print heads. The latter offer a 
much-improved print quality. More sophisticated printers may use 48-pin print heads, 
although if you require this level of quality, an inkjet or laser printer may be a better 
option. 

A platen gap lever is often fitted to printers capable of printing on multi-part 
stationery. This lever adjusts the gap between the print head and the platen to 
accommodate different thicknesses of paper. Incorrect adjustment of the platen gap can 
cause faint printing (gap too wide) or smudging (too narrow). On more sophisticated 
printers, the platen gap is adjusted automatically. 


IMPACT PRINTER MAINTENANCE TIPS 


When you are loading a tractor-fed impact printer with paper, ensure that the holes in 
the paper are engaged in the sprockets and that the paper can enter the printer 
cleanly. Ensure that the lever is in the correct position for friction feed or tractor feed 
as appropriate for the media being used. Follow the manufacturer's instructions to 
replace the print head or ribbon cartridge. Take care, as the print head may become 
very hot during use. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Maintain Impact Printers. 


THERMAL PRINTERS 


A thermal printer is a general term for any printer that uses a heating element to 
create the image on the paper with dye, ink from ribbons, or directly with pins while 
the feed assembly moves the media through the printer. There are several types of 
thermal printers that use significantly different technologies and are intended for 
different uses. The dye sublimation print process can be used for photo quality 
output and thermal wax transfer printers can be used as an alternative to color laser 
printing, but the most common type of thermal printer you are likely to have to 
support is the direct thermal printer. 


A direct thermal receipt printer. (Image © 123RF.com.) 

Portable or small form factor direct thermal transfer printers are used for high volume 
barcode and label printing and also to print receipts. Such devices typically support 
200-300 dpi, with some models able to print one or two colors. Print speeds are 
measured in inches per second. 


COMPONENTS OF THERMAL PRINTERS 


Most direct thermal print devices require special thermal paper that contains 
chemicals designed to react and change color as it is heated by the heating element 
within the printer to create images. 


In the feed assembly on a direct thermal printer, paper is friction-fed through the 
print mechanism by a stepper motor turning a rubber-coated roller. Paper and labels 
may be fanfold or roll format. 


DIRECT THERMAL PRINTER IMAGING PROCESS 


Direct thermal printers have a heating element with heated pins that create an image 
directly onto special thermal paper. 


Direct thermal print process. (Figure labels: thermal printhead, heated pins, paper direction.) 


THERMAL TRANSFER PRINTER MAINTENANCE TIPS 


Thermal printers are often used in cash registers and for printing labels. Both of these 
uses require the printer to be available at all times, and to keep up availability, you 
should perform regular maintenance. 


When you are replacing the paper roll, you need to obtain the specific size and type for 
the brand and model of thermal printer you are using. The process is usually quite 
simple—just open the printer case, insert the roll, keeping the shiny print side facing 
outwards, then ensure that the end of the paper is held in place by the print head 
when closing the case again. 


In receipt registers, the cashier rips the paper across the serrated teeth to give the 
receipt to the customer. This can lead to a build-up of paper dust in the printer from 
tearing off receipts. It can also lead to bits of paper debris becoming lodged in the 
mechanism if a clean slice is not made and bits of leftover paper fall into the printer. 

Label printers can end up with sticky residue inside the printer. If labels are not loaded 
correctly, they can separate from the backing while being fed through the printer. You 
will need to ensure users know how to properly load the labels and how to clean up if 
labels get stuck inside the printer. 


Use a vacuum or soft brush to remove any paper debris. Use a swab and appropriate 
cleaning fluid, such as Isopropyl Alcohol (IPA), to clean the print head (heating element) 
or any sticky residue inhibiting the feed mechanism. Alternatively, you can often 
purchase cleaning cards to feed through the printer to clean the print head safely. Only 
use cleaning cards when required, though, as they can be abrasive and wear down 
components. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Maintain Thermal Printers. 


3D PRINTERS 


A 3D print process builds a solid object from successive layers of material. The 
material is typically some sort of plastic but there are printer types that can work with 
rubber, carbon fiber, or metal alloys too. The range of materials that can be used is 
expanding quickly. 

3D printing has very different use cases to printing to paper. It is most widely used in 
manufacturing, especially to create "proof of concept" working models from designs. 
The range of other applications is growing, however. For example, 3D printing can be 
used in healthcare (dentistry and prosthetics), clothing, and to make product samples 
and other marketing material. 


A 3D printer. (Image © 123RF.com.) 


3D PRINTER IMAGING PROCESS 


The 3D printer imaging process begins with either a scan created by a 3D scanner or 
by creating an object using 3D modeling software. From either of these methods, you 
end up with a 3D model created in software and saved to a 3D model format. 


This model is then sliced with slicing software into horizontal layers. The slicing 
software might be contained in the 3D modeling software or within the 3D printer. The 
result is a print job specifying how each layer in the finished object is to be deposited. 


The sliced model is then fed to the 3D printer over a USB or Wi-Fi connection, or by 
inserting an SD card containing the file into the printer. The printer then melts the 
filament and extrudes it onto the build surface, creating layer upon layer based on the 
slices. The extruder (and sometimes the build bed) is moved as needed on X/Y/Z axes 
to create the build. 


COMPONENTS OF 3D PRINTERS 


There are several types of 3D printers. Fused filament fabrication (FFF), also known 
as fused deposition modeling (FDM), lays down layers of filament at high 
temperature. As layers are extruded, adjacent layers are allowed to cool and bond 
together before additional layers are added to the object. The main components in an 
FDM 3D printer are: 


* Print bed/build plate—a flat glass plate onto which the material is extruded. The 
bed is usually heated to prevent the material from warping. The bed must be 
leveled for each print job—this is usually automated, but cheaper printer models 
require manual calibration. It is very important that the printer frame be strong and 
rigid enough to keep the bed as stable as possible. Any vibration will result in poor 
quality printing. 

* Bed/build surface—a sheet placed onto the base plate to hold the object in 
position while printing, but also allow its removal on completion. The bed surface 
material may need to be matched to the filament material for best results. 

* Extruder—the equivalent of a print head in an inkjet. A motor in the extruder 
draws filament from the "cold end" through to the nozzle (or "hot end"), where it is 
melted and squirted onto the object. Different size nozzles can be fitted to the 
extruder. 

* Gears/motors/motion control—enable precise positioning of the extruder. 

* Fan—cools the melted plastic where necessary to shape the object correctly. 


The printer must be installed to a suitable environment. A stable, vibration-free floor 
and dust-free, humidity-controlled surroundings will ensure best results. 


Note: 3D printing involves several possible safety risks. Components work at high 
temperatures, and use of sharp tools such as scrapers and finishing knives is required. 


Ideally, the 3D print facility should be accessible only to trained users. 


FILAMENT 

The "ink" for a 3D printer is supplied as a spool of filament. Filament is provided either 
as 1.75 mm or 3 mm diameter. As noted earlier, there are various different filament 
materials. The two most popular plastics are Polylactic Acid (PLA) and Acrylonitrile 
Butadiene Styrene (ABS). Most printers can use a range of filament materials but it is 
best to check compatibility if a specific "exotic" is required for a project. Each material 
operates at different extruder and print bed temperatures. 


To change a filament, the extruder must be heated to the appropriate temperature. 
Pull as much of the old filament out as possible—taking care not to burn yourself— 
then push the new filament through. Do not start printing until all of the old filament 
has been pushed out. 


Filament spools require careful storage once opened. They should be kept free from 
heat and humidity. 


3D PRINTER MAINTENANCE TIPS 


3D printers require maintenance specific to the type of printing done. These printers 
do not print on paper, so have very different maintenance needs and consumables 
than traditional printers. Among the maintenance tasks you need to perform are: 

* Remove any leftover filament from nozzles. 

* Clean any residual plastic from the platform, nozzles, and other areas. There could 
also be glue left on the glass if your print process uses glue. 

* If the documentation says to, apply grease to the moving parts that move the 
extruder on the X/Y/Z axes. 

* Check tubes in the feeder mechanism to see if they need to be cleaned or replaced. 

* Examine couplers to see if they have been damaged by the heat produced during 
the print process. 

* Make sure only approved materials are used when printing. 

* Check whether there are new versions of firmware available for the printer and 
whether you should apply them to the printer. 


OTHER 3D PRINTER TYPES 


There are two other common types of rapid prototype 3D printing. 


Prototype Description 


SLA Stereolithography (SLA) uses liquid plastic resin or photopolymer to 
create objects which are cured using an ultraviolet laser. Excess 
photopolymer is stored in a tank under the print bed. The print bed 
lowers into the tank as the object is created. A liquid solvent removes 
uncured polymer after the model is finished. 


SLS Selective laser sintering (SLS) fuses layers together using a pulse laser. 
The object is created from a powder and lowered into a tank as each 
layer is added. The powder can be plastic or metal. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Maintain 3D Printers. 

Activity 5-3 


Discussing Impact, Thermal, and 3D 
Printer Maintenance 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What type of printer technology is a dot matrix printer? 


2. What types of paper/stationery can dot matrix printers use that laser and 
inkjet printers cannot? 


3. Where are you most likely to encounter thermal printers? 


4. You have been asked to perform basic maintenance on a printer in the Research 
and Development area. The dot matrix printer used to create shipping documents 
seems to be printing lighter than normal, and one of the pins seems to not be 
connecting near the center of the print head as there are blank areas in some 
letters and images. 


What maintenance should you perform? 


5. A thermal printer used to create labels for parts bins, kits, and boxes is jammed 
due to a label coming loose during printing. 


How should you resolve this problem? 


6. What do you need to create objects with an FDM-type 3D printer? 


7. What considerations for locating a 3D printer do you have to make? 


Topic D 


Install and Configure Printers 


EXAM OBJECTIVES COVERED 
1001-3.10 Given a scenario, configure SOHO multifunction devices/printers and settings. 


1001-3.11 Given a scenario, install and maintain various print technologies. 


Because printers are such a fundamental component of almost every computing 
environment, it is almost guaranteed that you will be asked to set up and configure 
printing on devices, no matter what professional environment you are working in. 
Although the different technologies used in various printer types affect maintenance 
and troubleshooting, the type of printer does not substantially affect the way it is 
installed and configured in an operating system such as Windows or shared on a 
network. The skills you will learn in this topic should prepare you to install and 
configure a wide range of printer types efficiently and correctly. 


WINDOWS PRINTERS 


Windows applications that support printing are typically WYSIWYG (What You See Is 
What You Get), which means that the screen and print output are supposed to be the 
same. To achieve this, several components are required: 


* The print driver provides an interface between the print device and Windows. 

* Support for one or more print languages determines how accurate the output can 
be. 

* The technology used by the printer determines the quality, speed, and cost of the 
output. 


Note: There is a distinction between the software components that represent the printer 
and the physical printer itself. The software representation of the printer may be 
described as the "printer object," "logical printer," or simply "printer." Terms relating to 
the printer hardware include "print device" or "physical printer." Be aware that "printer" 
could mean either the physical print device or the software representation of that device. 
Pay attention to the context in which these terms are used. 


WINDOWS PRINT PROCESS 


Display and print functions for compatible applications are handled by the Windows 
Presentation Foundation (WPF). A WPF print job is formatted and spooled as an XML 
Print Specification (XPS) file in the printer's spool folder 
(%SystemRoot%\System32\Spool\Printers\). 


This spool file is then processed by the printer's device driver. It may either be output 
directly to an XPS-compatible print device or rendered using a different Page 
Description Language (PDL), such as HP Printer Control Language or Adobe® 
PostScript®, and converted to a raster, or dot-by-dot description of where the printer 
should place ink. 


A print device might support more than one PDL—this HP printer supports both Printer Control 
Language (PCL) and PostScript (PS). (Screenshot used with permission from Microsoft.) 


The print monitor transmits the print job to the printer and provides status 
information. Most print devices have their own memory and processor, enabling the 
print job to be transmitted more quickly and reliably. If a problem is encountered 
during printing, the print device sends a status message back to the print monitor, 
informing the user. 


Applications and print devices that do not support WPF use the older Graphics Device 
Interface (GDI) print process. Under GDI, the print file can be spooled in one of two 
formats: 


* EMF (Enhanced Metafile)—a small, efficient, printer-independent file type. As the 
file is smaller, it is written to disk more quickly, therefore freeing up resources. The 
printer must support EMF for this to work. 

* RAW—this file type differs depending on your printer. RAW files must be formatted 
for the printer at the spooling stage, therefore it will take longer to spool the file 
and the file will be larger. The RAW spool format is a useful troubleshooting tool. 


Users can also print to network printers. In this case, a redirector service on the local 
computer passes the print job from the locally spooled file to the spooler on the print 
server (the computer to which the network printer is connected). Note that a driver for 
the network device must be installed locally. 


FEATURES OF PAGE DESCRIPTION LANGUAGES 


PDLs support the following features: 


* Scalable fonts—originally, characters were printed as bitmaps. This meant that the 
character could only be printed at sizes defined in the font (a bitmap font consists 
of a number of dot-by-dot images of each character at a particular font size). 
Scalable fonts are described by vectors. A vector font consists of a description of 
how each character should be drawn. This description can be scaled up or down to 
different font sizes. All Windows printers support scalable TrueType or OpenType 
fonts. OpenType is an extension of TrueType, developed jointly by Microsoft and 
Adobe. OpenType offers portability between Windows and Mac OS®, better 
character (Unicode) support, and more advanced typographic options. PostScript 
compatible printers will also support PostScript outline fonts. 

* Color printing—the color model used by display systems is different to that used by 
printers (additive versus subtractive). An additive model combines differently 
colored transmitted light (Red, Green, and Blue, for instance) to form different 
shades. A subtractive model works using the reflective properties of inks: Cyan, 
Magenta, and Yellow plus Black ink for "true" blacks. A color model provides an 
accurate translation between on-screen color and print output and ensures that 
different devices produce identical output. 

* Vector graphics—as with fonts, scalable images are built from vectors, which 
describe how a line should be drawn, rather than providing a pixel-by-pixel 
description, as is the case with bitmap graphics. 


VIRTUAL PRINTERS 


There may be circumstances where you do not want to send a print job to a physical 
print device. Using a virtual printer means that the output is either a file containing 
instructions in some page description language or bitmap image data. Some of the 
reasons users might need to print to a virtual printer include: 


* Sending a document from their computer to a fax server. 

* Creating a document that cannot be purposely or inadvertently changed. 

* Making the document content available outside of the application which originally 
created the document. 

* Combining multiple documents into a single document. 

* Testing how the document will appear when printed on paper from a physical 
printer. 


When you are using a virtual print option, there may be a choice of file formats for the 
output: 


* Print to file—this creates a file that can subsequently be sent to the print device. It 
basically means saving a copy of the file that would normally be spooled by the 
printer. This may be used in conjunction with the PostScript print language. Note 
that the output files are typically very large. 

* Print to PDF—the Portable Document Format (PDF) was created by Adobe and later 
published as an open standard as a device-independent format for viewing and 
printing documents. Print (or export) to PDF functionality is available in many 
software applications. 

* Print to XPS—as noted earlier, the XML Print Specification is the print language 
supported by Windows. An XPS format file should be printable on modern 
Windows-compatible printers. 

* Print to image—some applications support directing the output to a bitmap image 
file format, such as PNG or JPEG. Vector text and art will be converted to a fixed 
resolution format. 

Windows 10 includes Print to PDF and XPS Document Writer virtual printers by default. (Screenshot 
used with permission from Microsoft.) 


Note: The PC in the previous figure also has Adobe PDF, Send to OneNote, and Snagit 
virtual printers installed. 


LOCAL PRINTER CONNECTIONS 


As with other PC peripherals, USB is now the dominant printer interface. 


USB PORTS 


To install a USB printer, connect the device plug (usually a Type B connector) to the 
printer's USB port and the Type A host plug to a free port on the computer. In most 
cases, Windows will detect the printer using Plug-and-Play and install the driver 
automatically. You can confirm that the printer is successfully installed and print a test 
page using the Devices and Printers or Settings applet. 


Even though USB connections are powered, you will still need to connect the printer to 
mains power as it will draw down more power than USB can supply. Portable printers 
may have a battery supply. 


In the following figure, notice that there is an option to print a test page. In the 
properties dialog box for the printer, you can see that the printer is connected via USB. 

Using Windows Settings to verify printer installation. (Screenshot used with permission from 
Microsoft.) 


ETHERNET 


Some printers come equipped with a network adapter and RJ-45 port and can be 
connected directly to an Ethernet switch. Client devices can then either connect directly 
to the print device via its Internet Protocol (IP) address or the device can be managed 
and shared via a network print server. 


SERIAL PORT 


The serial (RS-232 or COM) port is a legacy port and does not support the bandwidth 
required by modern desktop printers. Certain Point-of-Sale (PoS) barcode printers and 
older impact printers are interfaced by serial ports, however. 


Connect such a printer using an appropriate "null modem" serial cable; either 9-pin to 
9-pin or 25-pin to 9-pin, depending on the printer model. Serial port drivers are 
unlikely to support Plug-and-Play, so you will need to complete the installation using 
the Device Setup wizard, selecting the appropriate COM port and driver. You may also 
need to configure custom COM port settings (via the Ports tab in the printer's property 
dialog box). Check the printer's setup guide for specific cable and connector 
requirements and installation procedures. 


WIRELESS PRINT DEVICE INTERFACES 


A cable-free connection to a printer offers a more flexible solution. Most wireless 
interfaces are built into the printer. Wi-Fi may be available as an installable upgrade. 
Another option is to connect a wireless print server via the printer's USB port. The two 
principal wireless printer interfaces are Bluetooth and Wi-Fi. 


Bluetooth uses radio communications and supports speeds of up to 3 Mbps. It does 
not require line-of-sight and supports a maximum range of 10 m (30 feet), though 
signal strength will be very weak at this distance. To connect via Bluetooth, ensure that 
the printer is configured as discoverable, then use the Bluetooth applet in Control 
Panel or the Devices page in Windows Settings to add the device. 


Wi-Fi (802.11) supports higher transfer rates. The printer should be configured with the 
appropriate WLAN settings (SSID and IP configuration) via its control panel. The main 
configuration choices are as follows: 


* 802.11 standard—the printer's wireless adapter will support a particular 802.11 
standard (a, b, g, n, or ac). Other devices connecting to it must support the same 
standard and be configured with the same security settings. 


* Infrastructure versus ad hoc—in infrastructure mode, the printer would be 
configured to connect to an access point and client connections would also be 
mediated by the access point. In ad hoc mode, client devices would connect directly 
to the printer. 


Using the printer control panel to join a Wi-Fi network (infrastructure mode). 


Ad hoc is a specific mode of peer-to-peer connection associated with legacy standards 
(802.11a/b/g). You are more likely to encounter devices supporting Wi-Fi Direct/ 
Wireless Direct. With Wi-Fi Direct, the server device supports a software-implemented 
access point to facilitate connections to client devices. 


Once the Wi-Fi link is established, you should then be able to connect to the printer 
from Windows like any other network printer. 


PRINTER DRIVERS 


Operating system printer drivers must be installed for a printer to function correctly. If 
the device is not detected automatically, the printer port can be selected, and drivers 
can be installed using the Devices and Printers applet or the Windows Settings app. 

Add Printer Wizard—select a manual configuration if Windows does not detect the printer 
automatically. (Screenshot used with permission from Microsoft.) 


Once the driver has been installed, all applications will use it to send output to the 
printer. To test that the printer has installed correctly, open the Printer Properties 
dialog box (right-click the printer icon in the Devices and Printers applet) and select 
the Print Test Page button on the General tab. 


Note: Installing a new driver requires elevation (UAC). On a domain network, 
administrators can install approved drivers to designated servers then use group policy 
to allow standard users to install local printers using those drivers. 


Note: Make sure you obtain a 32-bit or 64-bit driver as appropriate. Many older print 
devices have become unusable as the vendor has not developed a 64-bit driver for them. 
If no up-to-date driver is available from Microsoft, download the driver from the printer 
vendor's website, extract it to a folder on your PC, then use the Have Disk option to install 
it. 
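
The driver, platform, and port details described above can also be read from PowerShell. The script below is an added example, not part of the original course material; it relies on the Get-Printer, Get-PrinterDriver, and Get-PrinterPort cmdlets from the PrintManagement module (Windows 8 and later), and the function names Get-PortKind and Get-PrinterInventory are names chosen for this example.

```powershell
# Added example (not from the course text): list each logical printer with
# its driver, the platforms that driver is installed for, and its port.
# Assumes the PrintManagement module (Windows 8 / Server 2012 or later)
# and an x86 or x64 edition of Windows. Reading this data needs no elevation.

function Get-PortKind {
    # Hypothetical helper: classify a port from its TCP/IP address or its name.
    param(
        [string]$PortName,
        $Port   # object from Get-PrinterPort, or $null if the port was not found
    )
    if ($Port -and $Port.PrinterHostAddress) { return 'Network (TCP/IP)' }
    switch -Regex ($PortName) {
        '^USB\d+$'  { return 'USB' }
        '^LPT\d+:$' { return 'Parallel' }
        '^COM\d+:$' { return 'Serial' }
        '^FILE:$'   { return 'Print to file' }
        default     { return 'Other' }
    }
}

function Get-PrinterInventory {
    # Driver platform that matches this copy of Windows.
    $native = if ([Environment]::Is64BitOperatingSystem) { 'Windows x64' } else { 'Windows NT x86' }

    # The same driver name can be installed for several platforms,
    # so collect every platform under the driver's name.
    $platforms = @{}
    foreach ($driver in Get-PrinterDriver) {
        if (-not $platforms.ContainsKey($driver.Name)) {
            $platforms[$driver.Name] = @()
        }
        $platforms[$driver.Name] += $driver.PrinterEnvironment
    }

    # Index ports by name so each printer can be joined to its port object.
    $ports = @{}
    foreach ($port in Get-PrinterPort) { $ports[$port.Name] = $port }

    foreach ($printer in Get-Printer) {
        $installed = @()
        if ($printer.DriverName -and $platforms.ContainsKey($printer.DriverName)) {
            $installed = $platforms[$printer.DriverName]
        }

        # A pooled printer lists several ports separated by commas;
        # classify it by the first one.
        $firstPort = ($printer.PortName -split ',')[0].Trim()
        $portObject = if ($firstPort) { $ports[$firstPort] } else { $null }

        [pscustomobject]@{
            Printer         = $printer.Name
            Driver          = $printer.DriverName
            DriverPlatforms = $installed -join ', '
            NativeDriver    = $installed -contains $native   # False = no driver for this platform
            Port            = $printer.PortName
            PortKind        = Get-PortKind -PortName $firstPort -Port $portObject
            Shared          = $printer.Shared
        }
    }
}

Get-PrinterInventory | Sort-Object Printer | Format-Table -AutoSize
```

Virtual printers such as Microsoft Print to PDF appear in the output with a port kind of Other, because their ports are neither USB, parallel, serial, FILE:, nor TCP/IP.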


CONFIGURATION SETTINGS 


Print devices are configured and managed via the Devices and Printers folder 
(Windows 7 and 8) or the Settings app (Windows 10). The layout of these apps is 
slightly different, but they present similar options—view the print queue, open 
properties and preferences, set a default printer, start a troubleshooter, and so on. 

Viewing the print queue and configuring preferences through the Printers and Scanners Settings app 
page. (Screenshot used with permission from Microsoft.) 


There are two main configuration dialog boxes for a local printer: Printer Properties 
and Printing Preferences. 


Note: To adjust some device properties and options, you may have to select Run as 
administrator then Printer Properties or Printing Preferences as appropriate. 


PRINTER PROPERTIES 

A printer's Properties dialog box allows you to manage configuration settings for the 
printer object and the underlying hardware, such as updating the driver, printing to a 
different port, sharing and permissions, setting basic device options (such as whether a 
duplex unit is installed), and configuring default paper types for different feed trays. 


The About tab contains information about the driver and the printer vendor and may 
include links to support and troubleshooting tips and utilities. 


Note: The options available for printing preferences and the layout of these dialog boxes 
are partly vendor-specific. 


This HP printer allows defaults and installable options to be configured here. (Screenshot used with 
permission from Microsoft.) 


PRINTING PREFERENCES 


The Preferences dialog box sets the default print job options, such as the type and 
orientation of paper or whether to print in color or black and white. 




The shortcuts tab lets you select from preset option templates. (Screenshot used with permission from 
Microsoft.) 

These settings can also be changed on a per-job basis by selecting the Properties 
button in the application's Print dialog box. Alternatively, the printer may come with 
management software that you can use to change settings. 


PAPER/QUALITY 


The Paper/Quality tab allows you to choose the type of paper stock (size and type) to 
use and whether to use an economy or draft mode to preserve ink/toner. You can also 
use the Color tab to select between color and grayscale printing. 




Use the Paper/Quality tab to configure the paper type and whether to use a reduced ink/toner 
economy mode. (Screenshot used with permission from Microsoft.) 


FINISHING 


The Finishing tab lets you select output options such as whether to print on both sides 
of the paper (duplex), print multiple images per sheet, and/or print in portrait or 
landscape orientation. 


The Finishing tab allows you to select duplex output (this printer allows only manual duplex, where the 
stack must be flipped by the user and reinserted into the paper tray manually). (Screenshot used with 
permission from Microsoft.) 


COPY COUNT AND COLLATED PRINTS 
You can change the copy count and collation options using the Advanced tab. 




Print and collation options in Word. (Screenshot used with permission from Microsoft.) 

A collated print job is one where all pages of the first copy are printed, followed by all 
pages of the second copy, and so on. If the uncollated option is selected, then all 
copies of page 1 are printed first, followed by all copies of page 2, and so on. 


PRINTER SHARING AND NETWORKING 


There are two main options for sharing a printer on the network: 


* Windows printer sharing 
* Hardware print server sharing 


WINDOWS PRINT SERVER CONFIGURATION 


An administrator can share any locally installed printer via its Sharing tab in the 
Properties dialog box. Locally installed means that Windows communicates with the 
print device directly over the relevant port. It does not matter whether the port is wired 
(USB, serial, or Ethernet) or wireless (Bluetooth or Wi-Fi). Drivers for different operating 
systems can also be installed locally so that clients can obtain the appropriate driver 
when they connect to the print share. 




Sharing a printer via the Printer Properties dialog box. Use the Additional Drivers button from the 
Sharing page to install drivers for operating systems other than the host print server. (Screenshot used 
with permission from Microsoft.) 


Note: When you configure sharing, only one PC should be designated as the server for 
any one print device. If multiple PCs try to act as the server for the same print device, the 
result will be confusion. 


If the network has clients running a mix of different operating systems, you need to 
consider how to make a printer driver available for each supported client. If the printer 
supports a "Type 3" driver, you need only add x86 (32-bit Windows) and/or x64 (64-bit 
Windows) support. For earlier "Type 2" drivers, each specific Windows version requires 
its own driver. 

Note: Windows 8 and 10 add support for Type 4 drivers. These are designed to move 
towards a print class driver framework, where a single driver will work with multiple 
devices. Where a specific print device driver is required, the client obtains it from 
Windows Update rather than the print server. 


SHARED PRINTER CONNECTIONS 

An ordinary user can connect to a network printer (assuming that the printer 
administrator has given them permissions to use it). One way of doing this is to browse 
through the network resources using the Network object in File Explorer. Open the 
server computer hosting the printer, then right-click the required printer and select 
Connect. 


Connecting to a network printer via File Explorer. (Screenshot used with permission from Microsoft.) 


INTEGRATED HARDWARE PRINT SERVERS/NAS 


Some printers come with integrated or embedded print server hardware and 
firmware, allowing client computers to connect to them over the network without 
having to go via a server computer. You can also purchase print servers or use a 
solution such as a Network Attached Storage (NAS) appliance that supports print 
sharing. Many wireless Internet routers can be configured to work as a NAS/print 
server solution. 


Installing a network printer using a vendor tool. The printer has been connected to the network via an 
Ethernet cable and been assigned an IP address by a DHCP server. 


Note: You can also purchase external print servers, such as HP's Jetdirect, that connect to 
a USB port on the printer and to the network via a standard port. 


In place of a standard network card, a printer could be fitted with a Wi-Fi wireless 
adapter to make it available in a wireless network. 


A network printer needs to be configured so that it has a valid address. On an IP 
network, you might set the printer to obtain an address automatically via a Dynamic 
Host Configuration Protocol (DHCP) server or configure it with a static IP address and 
subnet mask. The printer will need to communicate with computers over one or more 
Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) network ports. If 
a network connection cannot be established, verify that these ports are not being 
blocked by a firewall or other security software. 
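
The following added example (not part of the course material) checks from a Windows client whether the TCP ports commonly used for network printing and printer management are reachable. The address is a sample value, and the port list (9100 for RAW/JetDirect, 515 for LPD, 631 for IPP, 80 and 443 for the web management page) is an assumption about what a typical print device offers; check the vendor documentation for your model.

```powershell
# Added example: test TCP reachability of common print and management ports.
# $printer is a sample address (assumption); substitute your printer's IP or hostname.
$printer = '192.168.1.247'

$ports = @(
    [pscustomobject]@{ Port = 9100; Service = 'RAW (JetDirect) printing' }
    [pscustomobject]@{ Port = 515;  Service = 'LPD/LPR printing' }
    [pscustomobject]@{ Port = 631;  Service = 'IPP printing' }
    [pscustomobject]@{ Port = 80;   Service = 'HTTP management page' }
    [pscustomobject]@{ Port = 443;  Service = 'HTTPS management page' }
)

$ports | ForEach-Object {
    # Test-NetConnection attempts a TCP connection; it cannot test UDP ports.
    $result = Test-NetConnection -ComputerName $printer -Port $_.Port -WarningAction SilentlyContinue
    [pscustomobject]@{
        Port      = $_.Port
        Service   = $_.Service
        Reachable = $result.TcpTestSucceeded
    }
} | Format-Table -AutoSize
```

A port reported as unreachable may be blocked by a firewall or simply disabled on the printer. Leaving unused print protocols disabled on the device is normal hardening, so compare the result with the printer's own network configuration before changing firewall rules.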


Most printers provide a mechanism for locally configuring the printer. Usually, this is 
by means of a menu system which you navigate by using an LCD display and adjacent 
buttons or a touchscreen on the front of the printer. 

Setting the IP address configuration method via the printer's control panel. 


This method is suitable for small office environments where you have few printers to 
manage. It is also useful in troubleshooting situations when the printer is inaccessible 
from the network. However, the printer vendor will usually supply a web-based utility 
to discover and manage their printers, whereas more advanced management suites 
are available for enterprise networks. 


Managing an HP printer using a browser. 

CLOUD AND REMOTE PRINTING 

A networked printer can also be made available over the web using the HyperText 
Transfer Protocol (HTTP) and Internet Printing Protocol (IPP). For example, on an HP 
printer, you can use the management console to enable web services. This allows 
users to print to the device via HP's ePrint Center using a specially configured print 
path for the printer (identified by an email address). Alternatively, you could use 
third-party software, such as Google's Cloud Print™, which can connect to cloud-ready 
printers or support cloud printing for legacy devices. 




Configuring ePrint web services on an HP printer. 


Users can send documents to the printer by logging into the cloud service. There are 
apps to support mobile devices as well as PCs and laptops. 


Bonjour/AirPrint 

You may also want to configure a network printer to support clients other than 
Windows. One option is to enable the Bonjour service to allow macOS PCs and iOS 
mobile devices to connect by using Apple AirPrint. 


Bonjour services have been configured on this printer allowing macOS and iOS devices to connect to it 
wirelessly (using Apple AirPrint). 


Bonjour is the server part of the solution, while AirPrint provides the client 
connectivity. Through Bonjour, users can locate printers and file servers. It uses DNS 
service records to locate the devices offering print and file sharing services. AirPrint is 
part of the macOS and iOS operating systems and supported by most third-party 
applications and apps. 




The printer can be used from iOS when connected to the same network. 

DATA PRIVACY AND SECURITY ISSUES 


You should be aware of some of the data privacy and security issues exposed by 
shared printers: 


* Hard drive caching—most printers have a local storage device to use to cache 
print files. Someone with access to the device may be able to recover confidential 
information from the hard drive cache. 
* User authentication—it may be necessary to prevent unauthorized use of a 
network or cloud-based printer. In a Windows network, the permissions system can 
be used to control access to the printer. Cloud-based services can also be 
configured to require user authentication. 
* Data privacy—jobs sent over a network (such as via a cloud or remote print 
service) could potentially be intercepted and read, copied, or modified. 
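
To review how the Windows permissions system is currently applied, the following added example (not part of the course material) lists the accounts that hold print or manage rights on each shared printer of the local computer. It assumes the PrintManagement module's Get-Printer cmdlet (Windows 8 and later) and decodes only the two printer access rights named in the comments.

```powershell
# Added example: report which accounts may print to or manage each shared printer.
# Run in an elevated session; PermissionSDDL is returned only when -Full is used.
$PrinterAccessAdminister = 0x4   # PRINTER_ACCESS_ADMINISTER (manage this printer)
$PrinterAccessUse        = 0x8   # PRINTER_ACCESS_USE (print)
$InheritOnly = [int][System.Security.AccessControl.AceFlags]::InheritOnly

$report = foreach ($printer in (Get-Printer -Full | Where-Object Shared)) {
    if (-not $printer.PermissionSDDL) { continue }   # descriptor not readable

    $sd = New-Object System.Security.AccessControl.RawSecurityDescriptor -ArgumentList $printer.PermissionSDDL

    foreach ($ace in $sd.DiscretionaryAcl) {
        if ($ace -isnot [System.Security.AccessControl.CommonAce]) { continue }

        # Inherit-only entries apply to print jobs (documents), not to the printer object.
        if (([int]$ace.AceFlags -band $InheritOnly) -ne 0) { continue }

        # Resolve the SID to an account name; keep the raw SID if it cannot be resolved.
        try   { $account = $ace.SecurityIdentifier.Translate([System.Security.Principal.NTAccount]).Value }
        catch { $account = $ace.SecurityIdentifier.Value }

        [pscustomobject]@{
            Printer     = $printer.Name
            ShareName   = $printer.ShareName
            Account     = $account
            Type        = $ace.AceQualifier          # AccessAllowed or AccessDenied
            PrintRight  = [bool]($ace.AccessMask -band $PrinterAccessUse)
            ManageRight = [bool]($ace.AccessMask -band $PrinterAccessAdminister)
        }
    }
}

$report | Sort-Object Printer, Account | Format-Table -AutoSize
```

An AccessAllowed row for Everyone with PrintRight set means any authenticated network user can submit jobs to that share; replace it with a specific group on the printer's Security tab where access should be restricted.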


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Install and Configure Printers. 

Activity 5-4 


Discussing Printer Installation and 
Configuration 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. When you are purchasing a new printer, what would you need to decide 
between as you evaluate connections? 


2. You use three Windows applications that need to print to a Canon BJC-4300 
printer. 


How many printer drivers must you install? 


3. You are setting up a print server and want to enable access for the widest range 
of Windows 7 machines possible. 


Should you install separate drivers for the Home and Enterprise editions? 


4. What tool can you use to confirm that basic print functionality is available? 


5. You have installed an automatic duplex unit in an office laser printer. 


What configuration setting would you change to make the unit available for 
print jobs? 


6. True or false? When you print 10 copies of an uncollated job, 10 copies of 
page one are printed, followed by 10 copies of page two, then 10 copies of 
page three, and so on. 


7. True or false? To enable printer sharing via Windows, the print device must 
be connected to the Windows PC via an Ethernet or Wi-Fi link. 


8. What configuration information does a user need to use a print device 
connected to the same local network? 


9. What service should a network print device run to enable an Apple iPad to 
use the device over Wi-Fi? 

Activity 5-5 


Installing and Configuring Printers 


BEFORE YOU BEGIN 


Complete this activity on your WORKBENCH PC. Check with your instructor for extra 
instructions. 


SCENARIO 


In the first part of this activity, you will compare and contrast various printers and print 
processes. There are several printers that are currently not deployed in your 
organization that are being stored in the IT department inventory cages. In order to 
determine which ones you will need when the time comes to replace currently 
deployed printers, you want to examine these printers to identify the features of each. 
You will then fill out a chart to identify which printers have which features. 


In the second part of this activity, you will install and configure a printer. If a physical 
printer is not available, you can install a PostScript driver, which can be used to create 
print files that can be sent to any PostScript print device. 


1. Examine the printers available to you, then fill out the following table. (Use the 
space on the bottom half of the page if necessary.) 


Printer Type | Creates Images Using | Connection Method | Paper Handling Mechanism 


2. Install a physical print device. If necessary, install the printer's driver software 
before connecting the print device. 
Your instructor will provide you with a print device and the necessary cabling. 
a) If the printer comes with setup software that guides you through the installation 
process, follow the guided setup process. 
b) Connect the power cable to an electrical outlet and switch on the print device. 
c) Connect the printer cable to the appropriate port on the PC. 
You should hear a notification chime. Windows should locate the driver files and 
install the printer. 
d) Click in the Instant Search box and type printers. Select the Printers & scanners 
link. 
e) If your printer is not listed, select Add a printer or scanner. 
f) If the printer is still not located, select the The printer or scanner I want isn't listed 
link. 
g) Try the My printer is a little older option first. If this does not work, try Add a local 
printer or network printer with manual settings. 




The Add Printer wizard—the wizard will usually detect any local or network printers 
available. (Screenshot used with permission from Microsoft.) 


3. Install a driver to support Print to File. 


If a physical print device is not available, you can install a printer driver configured to 
output to a file. 


a) Click in the Instant Search box and type printers. Select the Printers & scanners 
link. 
b) Select Add a printer or scanner. When it appears, select the The printer or scanner 
I want isn't listed link. 
The Add Printer wizard starts. 
c) Select Add a local printer or network printer with manual settings and select 
Next. 
d) From the Use an existing port box, select FILE and select Next. 




Configuring a printer to direct output to a file, rather than a device port. (Screenshot used 
with permission from Microsoft.) 


e) From the Manufacturer box, select Microsoft, and then from the Printers box, 
select Microsoft PS Class Driver. 




Selecting a printer make and model manually. (Screenshot used with permission from 
Microsoft.) 


f) Select Next. 
g) Select Next. 
h) Accept the default Printer name and select Next. 
The printer driver files will be installed. 

i) Select Do not share this printer, then select Next. 

j) Select Finish. 


4. Pause the print queue. 
a) If necessary, open Printers & scanners again. 
b) Observe the message on the printer indicating that it is the default. 
c) Select the printer and then select the Manage button. 
This shows status information and presents configuration options. 




Device settings for an Epson inkjet printer. (Screenshot used with permission from 
Microsoft.) 


d) Select Open print queue to open the print queue. 
e) Select Printer—Pause Printing. 


Note: You will not be able to pause a virtual printer (when printing to a file). 


f) Leave the print queue open. 


5. View the print device's preferences, and configure it to use draft mode output. 
a) Switch back to the Printers & scanners app, and select Printing preferences. 


b) Configure the following options (most options will not be available if you configured 
the Print to File option): 


* Paper size: select Letter. 
* Paper type: select plain paper in the auto-feeder tray. 
* Print quality: set to Draft/300 dpi. 

c) Select OK. 


6. Print a test page. 
a) Right-click the printer and select Printer properties. 


Note: Select Printer properties not Hardware properties, as the latter 
option opens a different dialog box (Device Manager properties). 

b) Look through the options on the various tabs, then select the General tab and select 
Print Test Page. If you are printing to a file, save the file as test.oxps in the 
Documents folder. 

c) Select Close to dismiss the message. Select OK to close the dialog box. 


7. View the print queue and the printer's spool folder. 
a) Switch to the print queue and observe the job waiting for the print device to come 
online. 


Observing the print queue. (Screenshot used with permission from Microsoft.) 


b) In Explorer, open C:\Windows\System32\Spool\PRINTERS. If necessary, select 
Continue at the UAC prompt to get access to the folder. Observe the spooled job. 

c) Open another Explorer window and browse the C:\COMPTIA-LABS\LABFILES folder. 
Right-click the comptia-logo.jpg picture and select Print then confirm with Print 
again. If you are printing to a file, save it as sample.oxps in the Documents folder. 


d) Verify that the spooled files are listed in the PRINTERS folder. 

e) Verify that the printer is correctly loaded with paper. 

f) In the print queue, right-click the Full page photo job and select Pause. Select 
Printer—Pause Printing. 

g) When the job has printed, collect it from the printer. 

h) Look at the spooled files again—verify that they are now either 0 KB or deleted. 

i) Switch back to the print queue, right-click the Full page photo job, and select Cancel. 
Confirm by selecting Yes. 

j) Check the PRINTERS folder again—the spooled files should no longer be displayed. 

k) If you are printing to a file, browse the XPS format documents created in the 
Documents folder. 


8. Uninstall the printer. 
a) Disconnect the printer from the port and switch it off. 
b) Look at Printers & scanners. 
The printer should be listed as offline. 
c) Select the printer and select Remove device. Select Yes to confirm. 
d) Verify that another printer (if present) is automatically selected as the new default. 


e) If you installed the printer software, open Settings—Apps—Apps & features. Select 
the printer software and select Uninstall. Work through the remaining prompts to 
remove the software. 

Topic E 


Troubleshoot Print Device Issues 


As a support professional, you will be well aware that one of the most unpleasant 
problems for users is being unable to print. If users need hard copies of documents 
and the systems do not work, it can be very frustrating. Users will look to you to 
identify and resolve their problems quickly, so you will need to recognize common 
issues and to correct them efficiently when they occur. 


EXAM OBJECTIVES COVERED 


1001-5.6 Given a scenario, troubleshoot printers. 


PRINTER CONNECTIVITY TROUBLESHOOTING 


Printers are usually simple devices to troubleshoot, as in most cases there will be an 
error message or code displayed on the printer's control panel telling you exactly 
where the error lies. You may need to look the error code up in the printer 
documentation to confirm what it means. Use the error code to guide your 
troubleshooting efforts. 


USING PRINTER LOGS 

You could also check for multiple failed jobs in the print server's log. For example, in 
Windows, use Event Viewer to open the Applications and 
Services—Microsoft—Windows—Print Service—Operational log. 




Viewing print service informational messaging—any errors would appear here, too. (Screenshot used 
with permission from Microsoft.) 
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Note: You need to right-click to enable the Print Service—Operational log before it 
starts recording events. Consider creating an administrative alert for error events so that 
you can be warned of and investigate problems quickly. 
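The note above can also be carried out from an elevated PowerShell prompt. The following is an added example, not part of the course text: it enables the Microsoft-Windows-PrintService/Operational log and returns recent Critical, Error, and Warning events. The function names and the 24-hour look-back window are assumptions made for illustration.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the course text).
# Enable-PrintServiceLog and Get-PrintServiceProblem are hypothetical helper names.

$LogName = 'Microsoft-Windows-PrintService/Operational'

function Enable-PrintServiceLog {
    # Scripted equivalent of right-click > Enable Log in Event Viewer.
    $log = Get-WinEvent -ListLog $LogName -ErrorAction Stop
    if (-not $log.IsEnabled) {
        $log.IsEnabled = $true
        $log.SaveChanges()
    }
    # Re-read the log configuration to confirm the change was saved.
    return (Get-WinEvent -ListLog $LogName).IsEnabled
}

function Get-PrintServiceProblem {
    param(
        [int]$Hours = 24   # look-back window (assumed default)
    )
    $filter = @{
        LogName   = $LogName
        Level     = 1, 2, 3   # 1 = Critical, 2 = Error, 3 = Warning
        StartTime = (Get-Date).AddHours(-$Hours)
    }
    # Get-WinEvent reports an error when no events match, so suppress it
    # and return nothing instead.
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
    if (-not $events) { return }

    $events | Sort-Object TimeCreated |
        Select-Object TimeCreated, Id, LevelDisplayName,
            @{ Name = 'UserSid'; Expression = { $_.UserId } },
            @{ Name = 'Message'; Expression = { ($_.Message -split "`r?`n")[0] } }
}

if (Enable-PrintServiceLog) {
    $problems = @(Get-PrintServiceProblem -Hours 24)
    '{0} warning/error event(s) in {1} during the last 24 hours' -f $problems.Count, $LogName

    if ($problems.Count -gt 0) {
        $problems | Format-Table -AutoSize -Wrap | Out-String

        # Count events per ID to see which failure keeps recurring.
        $problems | Group-Object Id | Sort-Object Count -Descending |
            Select-Object Count, @{ Name = 'EventId'; Expression = { $_.Name } } |
            Format-Table -AutoSize | Out-String
    }
}
```

Running the script from a scheduled task and forwarding its output is one way to approximate the administrative alert the note recommends.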


You may also be able to collect error logs from the device itself. Management software 
will be able to retrieve these logs and report them to a centralized console. 
Alternatively, you can view them manually using a vendor-supplied tool, such as the 
management URL for this HP printer. 


[Screenshot: the Event Log page in the web management interface of an HP LaserJet 200 colorMFP M276nw, with columns for Entry #, Code, Page, and Description and entries such as Paper Jam and Page too complex.]

Using a web management tool to view the event log for a print device.


GENERAL TROUBLESHOOTING APPROACH 


In the absence of any error code or descriptive error log, remember to test obvious
things first:

* Is the printer switched on and loaded with paper?

* Is there sufficient ink or toner?

* Is the connection between the printer and PC good?

* Can you print a test page by using the printer's control panel and from within
Windows?

Also check environmental conditions—a printer may malfunction if it overheats. Check
that there is plenty of space around the printer for air to circulate (especially around
the vents on the printer case) and that the environment is not excessively hot.

Remember to ask: "What has changed?" It is important to establish whether something
has never worked or has just stopped working. If something never worked, then there
has been an installation error; if something has stopped working, look for a
configuration change or maintenance issue.


Note: Also remember that Windows has several built-in troubleshooting tools, one of
which covers printer problems.


GUIDELINES FOR TROUBLESHOOTING PRINT DEVICE ISSUES 
Note: All of the Guidelines for this lesson are available as checklists from the Checklist 
tile on the CHOICE Course screen. 


Consider these guidelines as you troubleshoot printing problems in Windows. 


NO IMAGE ON THE PRINTER DISPLAY 


If there is no image on the printer display but the printer's power LED is lit: 


* Verify that the printer has not gone into a power-saving sleep cycle. Pressing the 
power button or pressing the touchscreen will generally wake the printer. 

* Try powering down the printer. Remove the power cord and any peripheral cables, 
and leave the printer switched off and unplugged for at least a minute. Then 
reconnect and restart the printer. 

* If these steps do not resolve the issue, there is likely to be a hardware fault.


NO CONNECTIVITY 


If documents do not print or if you see "Not available" messages relating to the printer 
you want to use: 


* Verify that the printer is switched on and "online." A printer can be taken offline 
quite easily by pressing the button on the control panel. Often this happens by 
accident. A printer may also go offline because it is waiting for user intervention or 
because it has received corrupt print job data. 

* Also check the connection between the host PC and printer. Make sure connectors 
are secure, that the network configuration is correct, or that there are no sources of 
interference blocking a wireless link, for instance. 


Note: Remember, cycling the power is a time-honored response to most troubleshooting 
scenarios involving end-user devices. 


PRINT QUEUE AND SPOOLER TROUBLESHOOTING 


A backed-up print queue means that there are lots of jobs pending but not printing. 
This might occur because the printer is offline or out of paper or ink/toner. It could also 
occur because of an error processing a particular print job. If a particular job will not 
print: 

* Open the Devices and Printers applet or Windows Settings to access the printer 
and open its print queue. Try restarting the job (right-click the document name and 
select Restart). You need permission to Manage Documents on the printer object 
to restart or cancel jobs. 

* If that does not work, delete the print job and try printing it again.

* Many problems, including "Low memory" or "Out of memory" errors, can also be
solved by cycling the power on the printer and clearing a backed-up print queue.


[Screenshot: print queue window for NPID1F937 (HP LaserJet 200 colorMFP M276nw) with the status Out of Paper, two queued documents, and the document shortcut menu open.]

Use the print queue to manage jobs—in this instance, you should be loading the printer with some
paper, rather than trying to restart the print job. (Screenshot used with permission from Microsoft.)


If you cannot delete a job (if the print queue is backed up or stalled), you will need to 
stop the Print Spooler service. 


1. Open the Computer Management console, then expand Services and
Applications and select Services.

Managing the spooler service using the Computer Management console. (Screenshot used with
permission from Microsoft.)

2. Right-click the Print Spooler service and select Stop. 

3. Use Explorer to delete the spooled file from %SystemRoot%\System32\Spool\Printers.
There will be a *.SPL file (the print job) and possibly a *.SHD file (status
information), too.

4. Start the Print Spooler service again. 


Alternatively, you can use net commands to manage the spooler service. Enter the
commands net stop spooler and net start spooler in the Run dialog
box or at a command prompt.
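The four-step procedure above can be scripted so that the spooler is always started again, even when a spooled file cannot be deleted. The following is an added example, not part of the course text; the function name is hypothetical, and the script assumes an elevated PowerShell session on the machine hosting the queue.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the course text).
# Clear-StalledPrintQueue is a hypothetical helper name.

function Clear-StalledPrintQueue {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Spool folder named in step 3 of the procedure.
        [string]$SpoolPath = (Join-Path $env:SystemRoot 'System32\spool\PRINTERS')
    )

    if (-not (Test-Path -LiteralPath $SpoolPath -PathType Container)) {
        throw "Spool folder not found: $SpoolPath"
    }

    $removed = @()
    $failed  = @()

    # Step 2: stop the service (same effect as "net stop spooler").
    # -Force also stops any services that depend on the spooler.
    Stop-Service -Name Spooler -Force -ErrorAction Stop
    try {
        # Step 3: delete job files only. *.SPL is the print job data and
        # *.SHD is its status information; anything else is left alone.
        $jobFiles = Get-ChildItem -LiteralPath $SpoolPath -File |
            Where-Object { $_.Extension -in '.spl', '.shd' }

        foreach ($file in $jobFiles) {
            if ($PSCmdlet.ShouldProcess($file.FullName, 'Delete spooled file')) {
                try {
                    Remove-Item -LiteralPath $file.FullName -Force -ErrorAction Stop
                    $removed += $file.Name
                } catch {
                    # Record files that could not be removed so that folder
                    # permissions or security software can be checked afterwards.
                    $failed += $file.Name
                }
            }
        }
    }
    finally {
        # Step 4: always start the spooler again (same as "net start spooler").
        Start-Service -Name Spooler
    }

    # Report the result, including free space on the volume hosting the spooler.
    $drive = (Get-Item -LiteralPath $SpoolPath).PSDrive
    [pscustomobject]@{
        SpoolPath     = $SpoolPath
        Removed       = $removed
        Failed        = $failed
        SpoolerStatus = (Get-Service -Name Spooler).Status
        FreeSpaceGB   = [math]::Round($drive.Free / 1GB, 2)
    }
}

# Preview what would be stopped and deleted, then run without -WhatIf.
Clear-StalledPrintQueue -WhatIf
# Clear-StalledPrintQueue
```

Every job in the queue is discarded, not only the stuck one, so users need to resubmit their documents afterwards.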


Another option is to try using different spool settings. Spool settings can be configured 
on the Advanced tab of the Properties dialog box. You might want to change these 
settings if there are problems spooling jobs. This page also lets you set the spooled file 
type between EMF and RAW (select Print Processor). In the Printer Properties dialog 
box, change the spool settings as follows, testing after each change: 


* Change the spool data format to RAW. 
* Turn off spooling (select Print directly to printer).

Also verify that there is plenty of free disk space on the volume hosting the spooler.


[Screenshot: the Advanced tab of the printer Properties dialog box with the Print Processor dialog open, listing default data types including RAW, NT EMF, and TEXT.]

Spool and Print Processor settings in Printer Properties.


PERMISSION ISSUES TROUBLESHOOTING 


There are several scenarios where permission issues can affect a user's ability to print 
documents. 


ACCESS DENIED 


If a user is accessing a printer that has been shared over a network, an Access Denied 
message means that the user account has not been configured with permission to 
print documents. Add the user to the relevant security group (or add the relevant 
security group or user object to the printer).


[Screenshot: the Security tab of the printer Properties dialog box, listing group or user names with Allow and Deny check boxes for the Print, Manage this printer, Manage documents, and Special permissions entries.]

Configure print device permissions on the Security tab in the Printer Properties dialog box.


If the permissions are correct, verify that security software is not causing a problem by 
trying to scan the spool folder, and verify the permissions on the spool folder itself. 
You might also investigate the disk hosting the printer spool to ensure there is no 
problem there. 


UNABLE TO INSTALL PRINTER 


If a user cannot install a printer, it is likely to be because their account does not have 
sufficient permissions to install the printer driver. This sort of operation will normally 
have to be performed by an administrator, though it is possible to configure network 
security policies that allow users to install printers with signed drivers. 


If the problem is not related to permissions, verify that you are attempting to install a 
driver for the correct version and type of Windows. In particular, remember that 32-bit 
printer drivers will not work with a 64-bit edition of Windows. 


Also verify that the print spooler service is started. 


Note: There's also the possibility that existing printer drivers are interfering with the one
you're trying to install. Uninstall these other drivers, then try installing the new one. If you
need these older drivers for other printers, try removing them from the default printer
status, then install the new printer driver as the default.


DRIVER AND GARBLED OUTPUT ISSUES


If a print job contains high-resolution graphics or multiple pages and printing is very 
slow, bear in mind that the printer may not have sufficient resources to handle the job 
and may display an error such as Low memory or Out of memory. 


* Try clearing the print queue and sending the job again or cycling power on the 
printer. 

* If there are persistent problems with printing from a specific application, check the
vendor's troubleshooting website to determine if a driver update will fix the
problem.


Use the printer's property sheet to print a test page. If the test page prints successfully, 
then the problem is related to the print function of a particular application. Try printing 
a different file from the same application; if this works, then you know that the 
problem is specific to a particular file. If the test page does not print, try using the 
printer's control panel to print it. If this works, there is some sort of communication 
problem between the print device and Windows. 


One of the first options when trying to remedy most types of software print problem is 
to update the driver to the latest version or use a different driver (PostScript instead of 
PCL, for instance). Also check that the correct job options have been set (media type, 
input tray, duplex printing, monochrome or color, economy mode, and so on). 
Remember that print properties set through the application (by selecting 
File—Print—Properties—Print Setup) override those set as the default (either 
through the Printer object in Windows or through the device's control panel). 


If a print job is garbage (if it emits many pages with a few characters on each or many 
blank pages): 

1. Cancel the print job. 

2. Clear the print queue. 

3. Cycle the power on the printer (leaving it off for 30 seconds to clear the memory). 
4. Try to print again. 

If the problem persists, update the printer driver and check that the printer is set to
use the correct control language (PCL or PostScript). You can also try changing the
spool type from EMF to RAW or disabling spooling.


If printing is slow, use the Advanced property page to choose the Start printing 
immediately option. You can try changing the spool format from RAW to EMF. 


If the characters in a document are different from those expected or if strange 
characters appear in an otherwise normal print, check that fonts specified in the 
document are available on the PC and/or printer. The software application should 
indicate whether the specified font is available or whether it is substituting it for the 
nearest match. 


To view fonts installed on the computer, open the Fonts applet in Control Panel/ 
Windows Settings. Each font family (such as Arial) often comes with a number of 
variants (such as Bold or Italic). If you open a font icon, a preview of the font at 
different sizes is shown. If a font is not shown here, use the File menu to locate and 
install it. Fonts are usually located in C:\Windows\Fonts, but some font manager 
applications may store fonts in another location. 


Note: Most fonts require a license—you should not copy them between computers
without making the proper licensing arrangements.


[Screenshot: the Fonts page in Windows Settings, filtered to show the Helvetica font family with a preview.]

If characters do not appear correctly, check that the proper fonts are installed. (Screenshot used with
permission from Microsoft.)


A PostScript printer may use internal fonts in preference to those installed on the PC. 
Check Printing Preferences to confirm that the printer is not using font substitution. 


GENERAL PRINT DEFECT RESOLUTION 


If a job prints from Windows but the output is smudged, faded, or arrives with unusual
marks (print defects), the problem is likely to be a printer hardware or media fault. This
section describes some of the common faults likely to be encountered. Always consult
the manufacturer's documentation and troubleshooting notes.


Note: Working inside any electrical equipment, especially a laser printer, can be
dangerous. If the cause of a problem is not easily found, you must seek advice from a
qualified source. You should never defeat a safety interlock in order to operate a printer
with protective covers removed.


A paper jam is one of the most frequently occurring printer problems. 


Fixing a paper jam is usually quite straightforward. The key point is to gain proper 
access to the stuck page. Do not use force to try to remove a sheet as you may cause 
further damage. Most sheets will pull free from most parts of the printer, but if a page 
is stuck in the fuser unit of a laser printer, you must use the release levers to get it out. 
Pulling the paper forcibly through the fuser can damage the rollers and, if the paper 
rips, leave paper debris on them. 


If paper jams are frequent, you need to diagnose the problem, rather than simply fix 
the symptom each time. Most paper jams arise because the media (paper or labels) 
are not suitable for the printer or because a sheet is creased, folded, or not loaded 
properly in the tray. There could be a problem with a roller, too. Identify whether or 
not the jam occurs in the same place each time, and take appropriate preventive 
maintenance (clean or replace the part).


The printer control panel should identify the location of the paper jam.


If paper is not feeding into the printer or if the printer is feeding multiple sheets at the 
same time, verify that it is loaded in the tray properly and that it is of an appropriate 
weight (not too thick or thin). If you can discount a media problem, try changing the 
pickup rollers. In a laser printer, these are part of the maintenance kit. 


Note: Fan the edge of a paper stack with your thumb to separate the sheets before
loading the tray. Do not overdo this, however—you can generate a static charge that will
hold the sheets together.


LASER PRINTER PRINT DEFECTS 


The causes of print defects tend to be specific to the technology used by the imaging 
process. The following defects are common in laser printers: 


* Faded or faint prints—if a simple cause such as the user choosing an option for
low density (draft output) can be discounted, this is most likely to indicate that the 
toner cartridge needs replacing. 

* Blank pages—as noted earlier, this is usually an application or driver problem, but 
it could indicate that a toner cartridge has been installed without removing its 
packing seals. Alternatively, if these simple causes can be discounted, this could also 
be a sign that the transfer roller (or secondary corona wire) is damaged (the image 
transfer stage fails). 

* Skewed output—verify that the paper is inserted correctly and that media guides
are well-positioned (not too tight and not too loose). 

* White stripes—this indicates either that the toner is poorly distributed (give the 
cartridge a gentle shake) or that the transfer roller is dirty or damaged. 

* Black stripes or whole page black—indicates that the primary transfer roller is
dirty or damaged or that the High Voltage Power Supply to the developer unit is 
malfunctioning. 

* Toner specks—if the output is "speckled," loose toner may be getting onto the 
paper. Clean the inside of the printer using an approved toner vacuum. 

* Persistent marks—streaks, vertical or horizontal lines, and other marks that
appear in the same place (referred to as repetitive defects) are often due to dirty
feed rollers (note that there are rollers in the toner cartridge and fuser unit, too) or
a damaged or dirty photosensitive drum.

* Toner not fused to paper—if the output smudges easily, this indicates that the 
fuser needs replacing. 

* Wavy or wrinkled output—make sure the paper is inserted correctly (try turning 
the stack over). 

* Ghost images—this is a sign that the photosensitive drum has not been cleaned 
properly. The drum is smaller than the size of a sheet of paper, so if the image is 
not completely cleared it will repeat as a light "ghost" or dark "shadow" image 
farther down the page. Images may also appear from previous prints. Try printing a 
series of different images and see if the problem resolves itself. If not, replace the 
drum/toner cartridge. 

* Wrong color/color cast—if prints come out in the wrong color (for example, if the 
whole print has a magenta tint), ensure that the toner cartridges have been 
installed in the correct location (for instance, that a Magenta cartridge hasn't been 
installed in the Cyan slot). Also ensure that there is sufficient toner in each 
cartridge. If there is a cast or shadow-like effect, one or all of the cartridges, rollers, 
or transfer belt are probably misaligned. Try reseating them and then run the 
printer calibration utility, and print a test page to verify the problem is solved. 

* Color missing—if a color is completely missing, try replacing the cartridge. If this 
does not solve the issue, clean the contacts between the printer and cartridge. 

* Paper jams—if the media and pickup rollers are good and if the jam occurs within 
the drum assembly but before the image is fused, the cause could be a faulty Static 
Eliminator Strip. Normally, this removes the high static charge from the paper as it 
leaves the transfer unit. If the strip fails, the paper may stick to the drum or curl as it 
enters the fuser unit. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


INKJET AND DOT MATRIX PRINT DEFECTS 


Defects in inkjet and dot matrix output tend to be concentrated around print head and 
media issues. 


INKJET PRINTERS 


Lines running through printouts indicate a dirty print head or blocked ink nozzle, which 
can usually be fixed by running a cleaning cycle. Most other print quality problems
(output that smears easily, wavy or wrinkled output, or blurry output) are likely to be
media problems. As with laser printers, persistent marks on output probably indicate a
dirty feed roller. If the print head jams, the printer will probably display a status 
message or show a flashing LED. Try turning the printer off and unplugging it then 
turning it back on. Inconsistent color output indicates that one of the ink reservoirs is 
running low (or that a print head for one of the color cartridges is completely blocked). 
If a document does not print in color, check that color printing has actually been 
selected. 


DOT MATRIX PRINTERS 


Lines in the output indicate a stuck pin in the print head. Output can also be affected 
by the platen position. The platen adjusts the gap between the paper and the print 
head to accommodate different paper types. Incorrect adjustment of the platen gap 
can cause faint printing (gap too wide) or smudging (too narrow). On more 
sophisticated printers, the platen gap is adjusted automatically. Use an Isopropyl 
Alcohol solution to clean the print head if necessary.


Activity 5-6


Troubleshooting Printer Issues 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. A user reports that the printed output is not up to the usual standards for her
printer. You will need to resolve this issue so she can print her report. 


What is the overall process for troubleshooting this issue? 


2. If print jobs do not appear at the printer and the queue is clear, what could 
you try first to solve the problem? 


3. Where on disk is the print file spooled in Windows? 


4. You need to restart the Print Spooler service on a Windows 7 machine. You have 
logged on as Administrator. 


What are your next steps? 


5. How would you track down the source of a paper jam? 


6. What should you do if you cannot delete a job stuck in the print queue? 


7. Paper is jamming in an inkjet printer. 


What could be causing this?


8. What effect does a worn photosensitive drum have on printing?


9. A laser printer is producing white stripes on the paper.


What could be causing this?


10. What effect does a dirty primary corona wire have on laser printing?


Activity 5-7


Maintaining and Troubleshooting Printers


SCENARIO 


Depending on the equipment available, in this activity, you will complete some routine 
maintenance and troubleshooting of printers. 


1. Read the printer service documentation provided by your instructor carefully. 


2. Complete a maintenance cycle on a print device. For example, on a laser printer, 
complete the following tasks: 
a) Remove the toner cartridge and maintenance kit components from the laser printer. 
b) Clean the laser printer using the approved products available. 
c) Replace the maintenance kit components and toner cartridge. 


3. Print a test page using the printer's configuration panel. If available, print the 
configuration page, too. 


4. Depending on the facilities available in your training center, your instructor will 
create one or more printer issues to troubleshoot. For each scenario, record what 
you think the problem is and what action you should take. After confirming with 
the instructor, complete your plan to resolve the problem. 


a) Issue #1 
Problem: 
Action: 

b) Issue #2 
Problem: 
Action: 

c) Issue #3 
Problem: 
Action: 

d) Issue #4 
Problem: 
Action:


Topic F


Install and Configure Imaging Devices 


EXAM OBJECTIVES COVERED 
1001-3.6 Explain the purposes and uses of various peripheral types.


Printers are used to create output from a variety of sources. Some of those sources 
take the form of copying physical documents and photos. Another source might be 
from a barcode. Some printers include features that allow you to copy or scan an item 
to bring it into the computer as a file, or to take it directly from the source to output 
from the printer. In this topic, you will look at a variety of scanning devices. 


IMAGING DEVICES 


In a previous lesson, you learned about some imaging devices such as digital cameras 
and webcams. Another type of imaging device is scanners. 


SCANNERS 


A scanner is a digital imaging device, designed to create computer file data from a 
real-life object. Typically, scanners handle flat objects, like documents, receipts, or 
photographs. Optical Character Recognition (OCR) software can be used to convert 
scanned text into digital documents, ready for editing. Historically, scanners could be 
connected using the parallel port or via a SCSI bus. Nowadays, scanners are connected 
via USB or via an Ethernet network port (RJ-45) or wireless (Wi-Fi/802.11) network. 


FLATBED SCANNERS 


A flatbed scanner works by shining a bright light, usually from a Cold Cathode 
Fluorescent Lamp (CCFL), at the object, which is placed on a protective glass surface. 
A system of mirrors reflects the illuminated image of the object onto a lens. The lens 
either uses a prism to split the image into its component colors (Red, Green, and Blue) 
or focuses it onto imaging sensors coated with different color filters. 


There are two main types of imaging sensor: Charge Coupled Device (CCD) and 
Complementary Metal Oxide Semiconductor (CMOS). Most flatbed scanners use 
CCD-type sensors.


A flatbed scanner. (Image © 123RF.com.)


SHEET-FED AND ADF SCANNERS 


Contact Image Sensor (CIS)-based scanners use an array of LEDs (Light Emitting 
Diodes) that strobe between red, green, and blue light to illuminate the image. This is 
reflected via a rod-shaped lens onto an image sensor. CIS scanners are typically used 
in sheet-fed scanners. In a sheet-fed scanner or the scan component of an 
Automatic Document Feeder (ADF), rather than passing the scan head under the 
paper, the paper is passed over a fixed scan head. 


This design is much more compact and often used in "all-in-one" type MultiFunction 
Devices (MFDs). 


MULTI-FUNCTION DEVICES 


A multi-function device (MFD) is a piece of office equipment that performs the 
functions of a number of other specialized devices. MFDs typically include the 
functions of a printer, scanner, fax machine, and copier. However, there are MFDs that 
do not include fax functions. Although the multi-function device might not equal the
performance or feature sets of the dedicated devices it replaces, multi-function devices
are very powerful, can perform most tasks adequately, and are an economical and
popular choice for most home or small-office needs.


An MFD. (Image © 123RF.com.)


SCAN OPTIONS


When the scanner has been connected to the PC and configured by Plug-and-Play, it 
should become available to applications that can use the scan interface. Older 
scanners use TWAIN-based software; modern scanners are more likely to use 
Windows Image Acquisition (WIA). The software will present options for the image 
output format (PDF or JPEG, for instance) and tools for selecting and correcting the 
image. Another option may be to use Optical Character Recognition (OCR) software to 
convert a text image into a computer-editable text document. 


[Screenshot: the HP Scan dialog with the Save as JPEG shortcut selected and the settings Scan size: Entire Scan Area, Output type: Color, and Resolution: 200 dpi.]

HP Scan image acquisition software.


Some scanners have the options available directly on the printer to specify what 
format to scan the item as, the resolution, and other options. 


BARCODE SCANNERS 


A barcode scanner is a handheld or pen-shaped device designed to scan barcodes. A 
barcode is a pattern of different sized parallel bars, typically representing a product 
number, such as an ISBN, IAN/EAN, or UPC. The reader uses a sensor mechanism (one 
of a photo diode, laser, or CCD) to read the intensity of light reflected back by the 
barcode. The reader then reports the number back to application software, which links 
it to a product database. Barcode scanners are connected to a computer using a USB 
port.


An example of a barcode scanner. (Image © 123RF.com.)


QR SCANNERS 


Quick Response (QR) codes are a particular type of 2D barcode that have been 
widely adopted for consumer-oriented uses. A QR code can be scanned using a smart 
phone camera, a normal digital camera, or webcam. There is no need to install special 
barcode scanning hardware. QR code scanning software can identify a QR code image 
directly from the camera and initiate the appropriate response in software to the 
information contained in the QR code. This might be to open a website or import a 
contact record or calendar event. 


Note: Actually, a camera can be used to scan any type of barcode if the software to 
identify and interpret the barcode is available. 


An example of a QR code you can scan with a QR scanner installed on your smart phone.


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos
that supplement the content for this lesson.


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Install and Configure Imaging Devices.


Activity 5-8


Discussing Imaging Device Installation and Configuration


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What type of connection interface is a scanner most likely to use? 


2. What type of sensor is used to capture an image for conversion to a digital 
file? 


3. What is the function of OCR? 


4. What type of imaging input device would be most useful for a Point-of-Sale 
(POS) system? 


5. True or false? Any type of smartphone camera can be used to read a QR 
code. 

Summary 


In this lesson, you supported printers. Because printers enable users to transfer digital 
information to paper, they are among the most commonly used devices in almost 
every type of computing environment. As an A+ certified professional, you can use the 
skills and knowledge from this lesson when you are called upon to install, configure, or 
troubleshoot printers. 


When would you recommend to users that they use laser printers? Inkjet 
printers? Impact printers? Thermal printers? 


Which printer maintenance tasks have you performed, on which types of 
printers? Which maintenance tasks are most important in your organization? 
Why are they so important? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 

Lesson 6 


Network Infrastructure Concepts 


LESSON INTRODUCTION 


In this lesson, you will learn about the technologies underpinning networking infrastructure, such 
as network cables, wireless standards, switches, routers, and protocols. Having a basic background 
in networking fundamentals is a vital prerequisite for providing IT support. In today's environment, 
standalone computing is a rarity. Just about every digital device on the planet today is connected to 
external resources via some kind of network, whether it is a small office/home office network, a 
corporate Wide Area Network (WAN), or directly to the Internet itself. 


The ability to connect, share, and communicate using a network is crucial for running a business 
and staying connected to everything in the world, so as a CompTIA® A+® support technician, you 
will need to understand the technologies that underlie both local and global network 
communications to ensure that the organization you support stays connected. 


LESSON OBJECTIVES 


In this lesson, you will: 

* Use appropriate tools to select, install, and test network cabling for a given network type. 

* Compare and contrast the functions and features of networking hardware devices. 

* Compare and contrast wireless networking protocols. 

* Compare and contrast Internet connection types. 

* Describe the properties and characteristics of Internet Protocol (IP) addressing and network 
configuration. 

* Identify the protocols and ports underpinning Internet applications and local network services. 

Topic A 


Wired Networks 


EXAM OBJECTIVES COVERED 
1001-2.2 Compare and contrast common networking hardware devices. 


1001-2.7 Compare and contrast Internet connection types, network types, and their 
features. 

1001-2.8 Given a scenario, use appropriate networking tools. 

1001-3.1 Explain basic cable types, features, and their purposes. 

1001-3.2 Identify common connector types. 


In this topic, you will identify types of wired networks. Recognizing network types and 
suitable cabling options for them will help you determine the best approach for 
customer needs. In order to properly and safely work with networking components, 
you must also understand how networking tools are used and how they can be used to 
fix common issues found in networks. 


NETWORK TYPES 


A network is two or more computer systems linked together by some form of 
transmission medium that enables them to share information. The network technology 
is what connects the computers, but the purpose of the network is to provide services 
or resources to its users. Historically, these services have included access to shared 
files, folders, and printers plus email and database applications. Modern networks are 
evolving to provide more diverse services, including web applications, social 
networking, Voice over IP, multimedia conferencing, and Internet of Things connectivity 
for household devices and appliances. 


To categorize the size and nature of individual networks, the industry has developed 
terms that broadly define the scope of different types of network. 


LOCAL AREA NETWORKS 

One basic distinction between types of network is between Local Area Networks 
(LANs) and Wide Area Networks (WANs). A LAN is a self-contained network that spans 
a small area, such as a single building, floor, or room. In a LAN, all the nodes or hosts 
participating in the network are directly connected with cables or short-range wireless 
media. A LAN is typically a single site or possibly several sites in close proximity 
connected by high-speed backbones. The term campus area network (CAN) is 
sometimes used for a LAN that spans multiple nearby buildings. Any network where 
the nodes are within about 1 or 2 km (or about 1 mile) of one another can be thought 
of as "local." 

LANs within a building. (Image © 123RF.com.) 


WIDE AREA NETWORKS 


A Wide Area Network (WAN) spans multiple geographic locations. WANs typically 
connect multiple LANs using long-range transmission media. WANs are usually thought 
of as relying on some intermediate network, such as the Internet or phone system, to 
connect geographically diverse LANs. A network where remote users "dial-in" is also a 
type of WAN. 




Wide Area Network (WAN). (Image © 123RF.com.) 


METROPOLITAN AREA NETWORKS 


The term Metropolitan Area Network (MAN) is sometimes used, though it doesn't really 
have a clear definition other than an area equivalent to a city or other municipality. It 
could mean a company with multiple connected networks within the same 
metropolitan area—so, larger than a LAN but smaller than a WAN. 


Metropolitan Area Network (MAN). (Image © 123RF.com.) 


ETHERNET TYPES AND STANDARDS 


Most cabled LANs are based on the Ethernet networking product, developed by the 
DIX consortium (Digital Equipment Corporation [DEC], Intel, and Xerox). Ethernet 
standards are now maintained by the Institute of Electrical and Electronics Engineers 
(IEEE). Ethernet is technically known by the series of standards produced by the IEEE 
802.3 working group. Although the product name is not used in 802.3 standards 
documentation, it is otherwise universally referred to as Ethernet. 


There are four broad "types" of Ethernet: 


* 10 Mbps (10BASE-)—this is the original standard, specifying cabling and connectors 
for copper wire and fiber optic products. 

* Fast Ethernet (100BASE-)—copper wire and fiber optic implementations of 100 
Mbps LANs. 

* Gigabit Ethernet (1000BASE-)—1000 Mbps LANs. This has replaced Fast Ethernet as 
the "standard" for a typical LAN. 

* 10G Ethernet (10GBASE-)—10 Gbps links for LANs and WANs, mostly using fiber 
optic media. 10G Ethernet is widely used in data centers. 


The IEEE 802.11 series of standards (Wi-Fi) are used to implement Wireless Local Area 
Networks (WLAN) so the technologies complement one another and are often used 
together in the same network. 


Ethernet is a very flexible technology. It can support a wide range of different types 
and sizes of LAN. While a LAN is self-contained, that does not mean that it has to be 
small. LANs can range from networks with three or four nodes to networks with 
thousands of nodes. We are going to focus on two particular classes of LAN: SOHO and 
enterprise. 

COMMON ETHERNET NETWORK IMPLEMENTATIONS 


Networks can range in size from just a few connected devices in a home environment, 
to thousands of devices in a large worldwide enterprise. 


SOHO NETWORKS 


A SOHO (Small Office Home Office) LAN is a business-oriented network possibly using 
a centralized server in addition to client devices and printers, but often using a single 
Internet appliance to provide connectivity. Home and residential networks may also be 
classed as SOHO. 



A typical SOHO network layout. (Image © 123RF.com.) 


These Internet appliances provide the following functions: 


* Access point—allows clients with wireless radio adapters to connect to the network. 

* Ethernet switch—connects wired client devices and printers with RJ-45 cables. 

* Internet modem—interfaces with the physical link to the ISP's routers (DSL or cable, 
for instance). 

* Internet router—forwards communications to and from the Internet Service 
Provider (ISP) routers to provide Internet access. 


ENTERPRISE NETWORK ARCHITECTURE 


Networks supporting larger businesses or academic institutions use the same switch, 
access point, router, and modem functions as are present in SOHO networks, but 
because they must support more clients with a greater degree of reliability, each 
function is performed by a separate network device. You could think of these larger 
networks as falling into two categories: 


* SME (Small and Medium Sized Enterprise)—A network supporting tens of users. 
Such networks would use structured cabling and multiple switches, access points, 
and routers to provide connectivity. 

* Enterprise LAN—A larger network with hundreds or thousands of servers and 
clients. Such networks would require multiple enterprise-class switch, access point, 
and router appliances to maintain performance levels. 

The term Campus Area Network (CAN) is sometimes used for a LAN that spans 
multiple nearby buildings. 


The following graphic illustrates how network appliances might be positioned in an 
enterprise LAN. Client devices are located in work areas, which are connected to the 
network by cabling running through wall conduit and patch panel or by wireless access 
points. Workgroup switches connect these devices to core/distribution switches and 
routers, which provide access to network servers, printers, and Internet services. 
Internet services run in protected Demilitarized Zones (DMZ) to provide Internet access 
for employees, email and communications, remote access via Virtual Private Networks 
(VPNs), and web services for external clients and customers. 

Positioning network components. (Image © 123RF.com.) 


TWISTED PAIR CABLING AND CONNECTORS 


Most cabled LANs use a type of copper wire called twisted pair as transmission media. 


UNSHIELDED TWISTED PAIR (UTP) CABLE 

Unshielded Twisted Pair (UTP) is the type of cabling most widely used for computer 
networking. With the type of UTP used for Ethernet, the cable contains four copper 
conductor "pairs." Each conductor has an insulating sheath. Each pair of conductors is 
twisted, which reduces interference between the wires (crosstalk) and interference 
from other electromagnetic sources, referred to as Electromagnetic Interference (EMI). 
Each pair is twisted at a different rate to further reduce interference. The signals sent 
over each pair are balanced. This means that each wire carries an equal but opposite 
signal to its pair. This is another factor helping to identify the signal more strongly 
against any source of interference. 


The four pairs are covered by a protective outer jacket. The insulation sheaths and 
jacket are usually made of polyvinyl chloride (PVC). 


UTP works well where there are no powerful interference sources, but the electrical 
signaling method has limited range. The signal is said to suffer from attenuation, 
meaning that it loses power quickly over long ranges (above 100 m). 




UTP cable. (Image © 123RF.com.) 


CAT STANDARDS 


The number of twists is one factor in determining the speed and transmission 
limitations of the cable. Twisted pair cable is rated for different Ethernet applications 
according to "Cat" specifications, defined in the TIA/EIA-568-C Commercial Building 
Telecommunications Cabling Standards. 


Cat   Frequency   Capacity   Max. Distance     Network Application 
5     100 MHz     100 Mbps   100 m (328 ft)    100BASE-TX 
5e    100 MHz     1 Gbps     100 m (328 ft)    1000BASE-T 
6     250 MHz     1 Gbps     100 m (328 ft)    1000BASE-T 
6     250 MHz     10 Gbps    55 m (180 ft)     10GBASE-T 
6A    500 MHz     10 Gbps    100 m (328 ft)    10GBASE-T 


Note: Vendors sometimes label Cat 6A cable as "Cat 6e" because Cat 5e followed Cat 5. 
The "A" stands for "augmented." 


Cat 5 cable is no longer available. Cat 5e is tested at 100 MHz—as Cat 5 was—but to 
higher overall specifications for attenuation and crosstalk, meaning that the cable is 
rated to handle Gigabit Ethernet throughput. Cat 5e would still be an acceptable choice 
for providing network links for workstations. Cat 6 can support 10 Gbps, but over 
shorter distances. Cat 6A is an improved specification cable with the ability to support 
10 Gbps over 100 m. It is mostly deployed in data centers or as backbone cabling 
between servers and network appliances. 


Note: Cabling is not the only part of the wiring system that must be rated to the 
appropriate category. For faster network applications (Gigabit Ethernet and better), the 
performance of connectors becomes increasingly critical. For example, if you are 
installing Cat 6A wiring, you must also install Cat 6A patch panels, wall plates, and 
connectors. 


Lesson 6: Network Infrastructure Concepts | Topic A 


304 | The Official CompTIA® A+® Core 1 and Core 2 Student Guide (Exams 220-1001 and 220-1002) 


SHIELDED TWISTED PAIR (STP) 


When twisted pair cabling was first used in networks based on IBM's Token Ring 
product, it was usually shielded to make it less susceptible to interference and 
crosstalk. Each pair was surrounded by a braided shield. This cable construction is 
referred to as Shielded Twisted Pair (STP). STP is bulky and difficult to install, so 
where a degree of protection from interference is required, modern twisted pair 
cabling installations use screened cables, meaning a shield positioned around all pairs. 
There are many different ways of designating different types of shielding. Most Cat 5e/ 
6/6A cable is available in shielded variants, notably F/UTP and U/FTP: 


* F/UTP—with a foil screen around all pairs, often also designated ScTP. 
* U/FTP—with foil shielding for each pair. 


F/UTP cable with a foil screen surrounding unshielded pairs. (Image by Baran Ivo and released to 
public domain.) 


Legacy STP cable could be more complex to install as it required bonding each element 
to ground manually but modern screened and shielded solutions (using appropriate 
cable, connectors, jacks, and patch panels) reduce this complexity by incorporating 
grounding within the design of each element. 


PLENUM CABLE 


A plenum space is a void in a building designed to carry Heating, Ventilation, and Air 
Conditioning (HVAC) systems. Plenum space is typically a false ceiling, though it could 
also be constructed as a raised floor. As it makes installation simpler, this space has 
also been used for communications wiring in some building designs. Plenum space is 
an effective conduit for fire, as there is plenty of airflow and no fire breaks, such as 
walls and doors. If the plenum space is used for heating, there may also be higher 
temperatures. Therefore, building regulations require the use of fire-retardant plenum 
cable in such spaces. Plenum cable must not emit large amounts of smoke when 
burned, must be self-extinguishing, and must meet other strict fire safety standards. 


General purpose (non-plenum) cabling uses PVC (polyvinyl chloride) jackets and 
insulation. Plenum-rated cable uses treated PVC or Fluorinated Ethylene Polymer (FEP). 
This can make the cable less flexible but the different materials used have no effect on 
bandwidth. Data cable rated for plenum use under the US National Electrical Code 
(NEC) is marked CMP/MMP. General purpose cables are marked CMG/MMG or CM/MP. 


WIRING STANDARDS FOR TWISTED PAIR 


Twisted pair cabling for Ethernet is terminated using modular RJ-45 connectors. RJ-45 
connectors are also referred to as 8P8C, standing for 8-position/8-contact. Each 
conductor in 4-pair Ethernet cable is color-coded. Each pair is assigned a color (Blue, 
Orange, Green, or Brown). The first conductor in each pair has a predominantly white 
insulator with stripes of the color; the second conductor has an insulator with the solid 
color. 

Figure panels: RJ-45 Connector, EIA/TIA 568 A Standard; RJ-45 Connector, EIA/TIA 568 B Standard. 

Twisted pair RJ-45 connectors. (Image © 123RF.com.) 


The ANSI/TIA/EIA 568 standard defines two methods for terminating RJ-45 connectors: 
T568A and T568B. The wiring for T568A is shown in the previous figure. In T568B, pin 1 
is wired to Orange/White, pin 2 is wired to Orange, pin 3 is wired to Green/White, and 
pin 6 is wired to Green or, put another way, the orange and green pairs are swapped 
over. 


A normal—or straight through—Ethernet cable is wired with the same type of 
termination at both ends. Using T568A at one end and T568B at the other creates a 
crossover cable. Crossover cables were once used to connect computers directly, but 
Gigabit Ethernet interfaces can perform the crossover automatically, even if standard 
cable is used. 


Organizations should try to avoid using a mixture of the two standards. It is difficult to 
say whether one is more prevalent than the other. T568A is mandated for US 
government premises and by the residential cabling standard (TIA 570). 


PATCH PANELS AND STRUCTURED CABLING 


A Gigabit Ethernet link using twisted pair cabling can be up to 100 m (328 feet) long. 
This means there must be no more than 100 m of cabling between the switch and the 
computer. There is also a distinction between solid and stranded cabling. 


Solid cabling uses a single thick wire for each conductor. Solid cable is used for 
"permanent" links, such as cable running through walls. This is often also called drop 
cable, as the installer drops the cable through the wall void to the hole cut out for the 
port. This cable links the RJ-45 port on a wall plate with a patch panel. Rather than 
using modular RJ-45 connectors, solid cable terminates in Insulation Displacement 
Connectors (IDC) at the back of the wall plate and patch panel, as shown here. 


The other side of the patch panel has pre-wired RJ-45 ports. A patch cord is used to 
connect a port on the patch panel to a port on the switch. A patch cord is made using 
stranded cable, which comprises lots of very thin wires twisted to make a single 
conductor. This makes the cable much more flexible but less efficient. A patch cord is 
not supposed to be longer than 5 m. 

Patch panel with pre-wired RJ-45 ports. (Image by Svetlana Kurochkina © 123RF.com.) 


A second patch cord is used between the computer's network adapter and the wall 
port. This use of patch cords, permanent links, and patch panels is referred to as a 
structured cabling system. 


Note: It is vital to use an effective labeling system when installing this type of network so 
that you know which patch panel port is connected to which wall port. 


CABLE INSTALLATION AND TESTING TOOLS 


You could fill a small van and spend a not-so-small fortune on the various tools 
available for installing and maintaining data cabling. The range of tools you require will 
of course depend on the cabling work you do, but the following can be considered 
typical. 


WIRE STRIPPER/CUTTER 


Electrician's scissors (snips) are designed for cutting copper wire and stripping 
insulation and cable jackets. Alternatively, there are dedicated tools or tools that have 
replaceable blades for different data cable types. Cable cutting blades should be 
rounded to preserve the wire geometry. Stripping tools should have the correct 
diameter to score a cable jacket without damaging the insulation around each wire. 

A cable stripper. (Image by gasparij © 123RF.com.) 


PUNCH-DOWN TOOL 


These tools fix conductors into an IDC. The wire pairs are untwisted and laid in the 
terminals in the IDC in the appropriate termination order (T568A or T568B). It is 
important not to untwist the pairs too much, however. The punch-down tool then 
presses the wire into the terminal, cutting through the insulation to make an electrical 
contact. There are different IDC formats (66, 110, and Krone) and these require 
different blades. Many punch-down tools have replaceable blades. 


A punch-down tool. (Image by gasparij © 123RF.com.) 


CRIMPERS 


These tools fix a jack to a cable. As with an IDC, the wires are laid in the appropriate 
terminals in the jack and the crimper tool then closes and seals the jack. The tools are 
specific to a particular type of connector and cable, though some may have modular 
dies to support a range of RJ-type jacks. 


A wire crimper. (Image by gasparij © 123RF.com.) 


Note: It is best to use prefabricated patch cords where possible. These are far less likely 
to create problems. 


CABLE TESTING TOOLS 

The best time to verify wiring installation and termination is just after you have made 
all the connections. This means you should still have access to the cable runs. 
Identifying and correcting errors at this point will be much simpler than when you are 
trying to set up end user devices. When troubleshooting a cabled network link, you 
may need to consider: 


* The patch cord between the PC and the wall port. 
* The wall port and the cabling in the wall. 
* The port on the patch panel and the patch cord to the switch port. 


Test patch cords by substitution with a "known good" one. If the problem is not caused 
by the patch cord and you can rule out configuration errors, you need to start testing 
the structured links. There are a number of network cabling and infrastructure 
troubleshooting devices to assist with this process. 


A multimeter can be used as a basic cable testing tool. The primary purpose of a 
multimeter is for testing electrical circuits, but you can use one to test for the 
continuity of any sort of copper wire, the existence of a short, and the integrity of a 
terminator. To perform useful tests, you need to know the readings that are expected 
from a particular test. For example, if the resistance measured across UTP Ethernet 
cable is found to be 100 ohms, then the cable is OK, but if the resistance between the 
two ends of a cable is infinity, then the cable has a break. Many multimeters designed 
for ICT use incorporate the function of a wire map tester. These are also available as 
dedicated devices. Wire map testers can identify wiring problems that a simple 
continuity test will not detect, such as transpositions and reversed pairs. 

Multimeter. (Image by Norasit Kaewsai © 123RF.com.) 


More advanced cable testers provide detailed information on the physical and 
electrical properties of the cable. For example, they test and report on cable 
conditions, crosstalk, attenuation, noise, resistance, and other characteristics of a cable 
run. Devices classed as certifiers can be used to test and certify cable installations to a 
particular performance category (for example, that a network is TIA/EIA 568-C Category 
6 compliant). They use defined transport performance specifications to ensure an 
installation exceeds the required performance characteristics for parameters such as 
attenuation and crosstalk. 


A cable tester. (Image by Vladimir Zhupanenko © 123RF.com.) 
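
The T568A/T568B terminations and the wire-map faults described above (breaks, reversed pairs, transpositions), as an added Python example that is not part of the course text: it derives the pin-to-pin map a wire map tester would report from the color order at each plug, then classifies the cable. The pin orders are the standard T568A and T568B pinouts; the function names, fault labels, and sample cables are this example's own.

```python
"""Wire-map classification for 8P8C (RJ-45) twisted pair cable (added example)."""

# Conductor color on pins 1..8 for each termination (index 0 = pin 1).
T568A = ("white/green", "green", "white/orange", "blue",
         "white/blue", "orange", "white/brown", "brown")
T568B = ("white/orange", "orange", "white/green", "blue",
         "white/blue", "green", "white/brown", "brown")

# Pin positions that share one twisted pair; identical for T568A and T568B.
PAIRS = ((1, 2), (3, 6), (4, 5), (7, 8))

# Wire map of a T568A-to-T568B crossover cable: the pairs on pins 1,2 and 3,6 swap.
CROSSOVER = {1: 3, 2: 6, 3: 1, 4: 4, 5: 5, 6: 2, 7: 7, 8: 8}


def wire_map(near_end, far_end):
    """Return {near pin: far pin} for a cable terminated with the given color
    order at each plug. A conductor that never reaches the far plug maps to
    None, which is what a break (infinite resistance) looks like to a tester."""
    far_pin = {color: i + 1 for i, color in enumerate(far_end)}
    return {i + 1: far_pin.get(color) for i, color in enumerate(near_end)}


def classify(wmap):
    """Return (verdict, faults) where verdict is 'straight-through',
    'crossover', or 'fault', and faults lists each problem found."""
    faults = [f"open: pin {p}" for p in range(1, 9) if wmap.get(p) is None]
    for a, b in PAIRS:
        fa, fb = wmap.get(a), wmap.get(b)
        if fa is None or fb is None or (fa, fb) == (a, b):
            continue  # opens are already reported; a correct pair needs no entry
        if (fa, fb) == (b, a):
            # Both conductors arrive, so a plain continuity test passes.
            faults.append(f"reversed pair: pins {a},{b}")
        elif (fa, fb) in PAIRS or (fb, fa) in PAIRS:
            faults.append(f"transposed pair: pins {a},{b} arrive on pins {fa},{fb}")
        else:
            faults.append(f"miswire: pins {a},{b} arrive on pins {fa},{fb}")
    if not faults:
        return "straight-through", []
    if wmap == CROSSOVER:
        return "crossover", []
    return "fault", faults


if __name__ == "__main__":
    # Constructed sample cables, not measurements from a real installation.
    reversed_far = ["orange", "white/orange"] + list(T568B[2:])
    broken_far = list(T568B)
    broken_far[5] = None  # conductor for pin 6 never terminated
    samples = {
        "T568B both ends": wire_map(T568B, T568B),
        "T568A to T568B": wire_map(T568A, T568B),
        "pins 1,2 swapped at far plug": wire_map(T568B, reversed_far),
        "pin 6 not terminated": wire_map(T568B, broken_far),
    }
    for name, wmap in samples.items():
        print(name, "->", classify(wmap))
```
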


TONE GENERATOR AND PROBE 

A tone generator and probe tool is used to trace a cable from one end to the other. 
This may be necessary when the cables are bundled and have not been labeled 
properly. This device is also known as a "Fox and Hound" or "toner and probe." The 
tone generator is used to apply a signal on the cable. The probe is used to detect the 
signal and follow the cable over ceilings and through ducts or identify it from within the 
rest of the bundle. 




To locate a cable in a group of cables, connect the tone generator to the copper ends 
of the wires, then move the tone locator over the group of cables. A soft beeping tone 
indicates that you are close to the correct wire set; when the beeping is loudest, you 
have found the cable. 


Note: Do not connect a tone generator to a cable that is connected to a NIC. The signal 
sent by the tone generator can destroy network equipment. 


LOOPBACK PLUGS 


A loopback plug is used to test a port. It involves connecting pin 1 to pin 3 and pin 2 to 
pin 6. You can do this either by rewiring the jack or twisting the relevant pairs together 
on a cable stub. Alternatively, you can purchase a prefabricated loopback plug. When 
you connect a loopback plug to a port, you should see a solid connection LED. You can 
also use the plug in conjunction with diagnostic software. 

A loopback plug. (Image © 123RF.com.) 


FIBER OPTIC CABLING AND CONNECTORS 


Copper wire carries electrical signals, which are subject to interference and 
attenuation. Light signals are not susceptible to interference, cannot easily be 
intercepted (eavesdropped), and suffer less from attenuation. Consequently, fiber 
optic cabling can support much higher bandwidth, measured in multiple gigabits or 
terabits per second, and longer cable runs, measured in miles rather than feet. 




A fiber optic strand. (Image by artush © 123RF.com.) 


An optical fiber consists of an ultra-fine core of glass to carry the light signals 
surrounded by glass or plastic cladding, which guides the light pulses along the core, 
and a protective coating called the buffer. The fiber optic cable is contained in a 
protective jacket and terminated by a connector. 


Fiber optic cables fall into two broad categories: single-mode and multi-mode: 

* Single-Mode Fiber (SMF) has a small core (8-10 microns) and is designed to carry a 
long wavelength, near infrared (1310 or 1550 nm) light signal, generated by a laser. 
Single-mode cables support data rates up to 10 Gbps or better and cable runs of 
many kilometers, depending on the quality of the cable and optics. 

* Multi-mode (MMF) has a larger core (62.5 or 50 microns) and is designed to carry a 
shorter wavelength light (850 nm or 1300 nm) transmitted in multiple waves of 
varying length. MMF uses less expensive optics and consequently is less expensive 
to deploy than SMF. However, it does not support such high signaling speeds or 
long distances as single-mode and so is more suitable for LANs than WANs. 


A number of connectors have been designed for use with fiber optic cabling. Some 
types are more popular for multi-mode and some for single-mode. Connectors for 
MMF are usually color-coded beige while those for SMF are blue. The core of each 
connector is a ceramic or plastic ferrule that ensures continuous reception of the light 
signals. 


* Straight Tip (ST)—A bayonet-style connector that uses a push-and-twist locking 
mechanism; used mostly for multi-mode networks. 

* Subscriber Connector (SC)—Connector with a push/pull design that allows for 
simpler insertion and removal than FC. There are simplex and duplex versions, 
though the duplex version is just two connectors clipped together. It can be used 
for single- or multi-mode. 

* Lucent or Local Connector (LC)—A small form factor connector with a tabbed 
push/pull design. LC is similar to SC but the smaller size allows for higher port 
density. 


Patch cord with duplex SC format connectors (left) and LC connectors (right). (Image by YANAWUT 
SUNTORNKI © 123RF.com.) 


Patch cords for fiber optic can come with the same connector on each end (ST-ST, for 
instance) or a mix of connectors (ST-SC, for instance). Fiber optic connectors are quite 
easy to damage and should not be repeatedly plugged in and unplugged. 


Note: To protect your eyesight, do not look directly into a fiber optic port. 


COAXIAL CABLING AND CONNECTORS 


Coaxial, or coax cable is a different type of copper cabling, also carrying electrical 
signals. Where twisted pair uses balancing to cancel out interference, coax uses two 
conductors that share the same axis. The core signal conductor is enclosed by plastic 
insulation (dielectric) then a second wire mesh conductor serves both as shielding 
from EMI and as a ground. 

Detailed layers of a coaxial cable. (Image by destinacigdem © 123RF.com.) 


Coax cables are categorized using the Radio Grade (RG) "standard." The Radio Grade 
(or Radio Guide) classifications were developed by the US military but are no longer 
actively maintained by any sort of standards body. They do not prescribe the quality of 
coax cabling but categorize it by the thickness of the core conductor and the cable's 
characteristic impedance. 


* RG-6 cable has a thicker core conductor for better signal quality and is often used as 
a drop/patch cable for modern Cable Access TV (CATV) and broadband cable 
modems. 


* RG-59 cable has a thinner core conductor and was used as a drop cable for older 
CATV/cable modem installs and is also used for CCTV cabling. 


Coax cabling is also available with tri- or quad-shielding for better resistance to EMI 
and eavesdropping. 


In most cases, BNC (alternately Bayonet-Neill-Concelman, British Naval Connector, or 
Barrel Nut Connector) connectors are crimped to the ends of the cable. The impedance 
of the connector must match the cable type (50 or 75 ohm). 

An example of a coaxial F-connector (left) and a BNC connector (right). (Image © 123RF.com.) 


Coax installations also use screw-down F-connectors. A broadband cable service, for 
example, is likely to use the F-connector for drop cables. 


As an Ethernet LAN media product (10BASE-5/Thicknet and 10BASE-2/Thinnet), coax 
could support 10 Mbps with cable lengths of up to 500 m and 185 m, respectively. 
Coax is considered obsolete in terms of LAN applications but is still widely used for 
CCTV networks and as drop cables for cable TV (CATV) and Internet access, where it can 
support higher bandwidths but at reduced range. In a Hybrid Fiber Coax (HFC) 
network, coax cable links the fiber optic trunk serving the whole street to the cable 
"modem" installed in the customer's premises. Coax suffers less from attenuation than 
twisted pair but is generally bulkier and more difficult to install. 




Activity 6-1 


Discussing Wired Networks 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Your company has a global presence, and all locations can communicate. At each 
site, there is a network, and that network connects to the overall organizational 
network. In some locations, there are multiple sites within a city. 


Identify each type of network described here. 


2. You are performing a wiring job, but the company wants to purchase the media 
and components from another preferred supplier. The plan is to install a network 
using copper cabling that will support Gigabit Ethernet. The customer is about to 
purchase Cat5e cable spools. 


Is this the best choice? 


3. What is the significance of network cabling marked "CMP/MMP"? 


4. You need to connect cable wires to a patch panel. 


Which networking tool might help you? 


5. What type of tool provides comprehensive information about the properties 
of a network cable installation? 

6. What features of fiber optic cable make it more suitable for WANs than 
copper cabling? 


7. What types of connector are often used with coaxial cable? 

Topic B 


Network Hardware Devices 


EXAM OBJECTIVES COVERED 
1001-2.2 Compare and contrast common networking hardware devices. 


In this topic, you will identify several types of network devices and other components. 
Network adapters, Internet modems, switches, and routers are fundamental network 
connectivity devices, and you will often encounter them in the network environments 
that you support. Understanding the functions and capabilities of these devices will 
prepare you to support a wide variety of network environments. 


NETWORK INTERFACE CARDS 


Communications are transported over an Ethernet cable by electrical signaling in the 
case of twisted pair, or light signaling in the case of fiber optic. The physical connection 
to the network media is made using a port in the computer's network adapter or 
Network Interface Card (NIC). For the NIC to be able to transmit and receive the 
signals and process them as digital data, they must be divided into regular units with a 
consistent format. There must also be a means for each node on the local network to 
address communications to another node. Ethernet provides a data link protocol to 
perform these framing and addressing functions. 


The signaling mechanism uses various encoding methods to represent the 1s and 0s of 
computer data as electrical or light pulses. The transceiver in the NIC is responsible for 
transmitting and receiving these pulses in the agreed frame format. 


FRAMES 

Each frame is identified by a preamble sequence, which is basically a warning to the 
NIC to expect a new frame. A frame is formatted with control information in the form 
of header fields, each of a fixed size and presented in a fixed order. The most 
important fields are the destination and source addresses of the adapter to which the 
frame is being directed and the adapter from which it was sent. Other information (not 
shown in the following simplified figure) includes the frame length and network layer 
protocol identifier. 


Following these fields comes the payload. This is the data that is being transported 
over the network. It will normally consist of a network packet, such as an Internet 
Protocol (IP) packet, with its own headers and payload. Putting layers of packets within 
one another like this is called encapsulation. 


The frame finishes with a checksum. The receiving computer can calculate its own 
checksum and compare it to this value. If they do not match, the receiving host rejects 
the frame as damaged. 


Construction of a frame, showing the Preamble, Destination Address, Source Address, and Error Checking fields. 
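
The header fields, encapsulated payload, and checksum described above, as an added Python example (not part of the original course text) that builds a constructed frame, parses it, and rejects a copy with one flipped bit. It assumes the frame as software sees it, without the preamble, and that the checksum is Ethernet's CRC-32 frame check sequence; the MAC addresses and payload bytes are made up.

```python
import struct
import zlib

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
MIN_FRAME = 64      # 14-byte header + 46-byte minimum payload + 4-byte checksum
MAX_FRAME = 1518    # 14-byte header + 1500-byte maximum payload + 4-byte checksum


def format_mac(raw: bytes) -> str:
    """Render 6 raw bytes as colon-separated hexadecimal."""
    return ":".join(f"{b:02x}" for b in raw)


def fcs(data: bytes) -> bytes:
    """CRC-32 over header and payload, in the byte order used on the wire."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, type_or_len: int, payload: bytes) -> bytes:
    """Assemble destination, source, type/length and payload, then append the checksum."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses are 6 bytes")
    if len(payload) > 1500:
        raise ValueError("payload exceeds 1500 bytes")
    # Short payloads are zero-padded to the 46-byte minimum.
    body = dst + src + struct.pack("!H", type_or_len) + payload.ljust(46, b"\x00")
    return body + fcs(body)


def parse_frame(frame: bytes) -> dict:
    """Split a frame into its fields and recompute the checksum as a receiver would."""
    if len(frame) < MIN_FRAME:
        raise ValueError(f"runt: {len(frame)} bytes")
    if len(frame) > MAX_FRAME:
        raise ValueError(f"giant: {len(frame)} bytes")
    body, received_fcs = frame[:-4], frame[-4:]
    type_or_len = struct.unpack("!H", body[12:14])[0]
    payload = body[14:]
    if type_or_len >= 0x0600:
        # Values from 0x0600 up identify the encapsulated network layer protocol.
        protocol = ETHERTYPES.get(type_or_len, f"0x{type_or_len:04x}")
    else:
        # Smaller values give the payload length, so padding can be stripped.
        protocol = "802.3 length"
        payload = payload[:type_or_len]
    return {
        "dst": format_mac(body[0:6]),
        "src": format_mac(body[6:12]),
        "protocol": protocol,
        "payload": payload,
        "fcs_ok": fcs(body) == received_fcs,
    }


# Constructed sample data: both addresses and the payload are invented.
DST = bytes.fromhex("00608c123abc")
SRC = bytes.fromhex("020000000001")
GOOD = build_frame(DST, SRC, 0x0800, b"encapsulated IP packet goes here")

# Simulate damage in transit by flipping one bit inside the payload.
_damaged = bytearray(GOOD)
_damaged[20] ^= 0x01
DAMAGED = bytes(_damaged)

if __name__ == "__main__":
    for label, frame in (("good", GOOD), ("damaged", DAMAGED)):
        info = parse_frame(frame)
        verdict = "accept" if info["fcs_ok"] else "reject as damaged"
        print(label, info["dst"], info["src"], info["protocol"], verdict)
```
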

ETHERNET NIC FEATURES 


Most motherboards come with an onboard Ethernet network adapter. An additional or 
replacement NIC could also be installed as a PCIe expansion card if the onboard 
adapter is not suitable for a particular network implementation. 


All onboard cards support copper-based Ethernet with RJ-45 ports. You might use an 
add-in card to support other types of Ethernet, notably fiber optic. Some cards support 
more than one type of connector. You can also purchase cards with multiple ports of 
the same type—two or four Gigabit RJ-45 Ethernet ports, for instance. The multiple 
ports can be bonded to create a higher speed link. Four Gigabit Ethernet ports could 
be bonded to give a nominal link speed of 4 Gbps. 


A network interface card, with callouts for the physical network address, the network connection port, and the status indicator lights. (Image © 123RF.com.) 


MEDIA ACCESS CONTROL (MAC) ADDRESS 


Each Ethernet network adapter port has a unique hardware or physical address known 
as the Media Access Control (MAC) address. MAC addresses provide the value used 
in a frame's source and destination address fields. A MAC address consists of 48 binary 
digits (6 bytes). This is typically represented as 12 digits of hexadecimal with colon or 
hyphen separators or no separators at all—for example, 00:60:8c:12:3a:bc or 
00608c123abc. 


NIC LED STATUS DIODES 


Network adapters typically have one or more Light Emitting Diode (LED) status lights 
that can provide information on the state of the network connection. 


* Most adapters have a link light that indicates if there is a signal from the network. If 
the link light is not lit, there is generally a problem with the cable or the physical 
connection. 

* Most adapters also have an activity light that flickers when packets are received or 
sent. If the light flickers constantly, the network might be overused or there might 
be a device generating network noise. 

* Some multi-speed adapters have a speed light to show whether the adapter is 
operating at 10 Mbps (Ethernet), 100 Mbps (Fast Ethernet), or 1000 Mbps (Gigabit 
Ethernet). 

* Some types of equipment combine the functions of more than one light into dual- 
color LEDs. For example, a green flickering light might indicate normal activity, 
whereas an orange flickering light indicates network traffic collisions. 

LEGACY NETWORKING DEVICES 


In a structured cabling system, the computer is connected to a wall port and—via 
cabling running through the walls—to some sort of patch panel. The port on the patch 
panel is then connected to a port on the switch. The switch is the network appliance 
that "ties" the whole local network together. However, while switches are the 
appliances at the core of most modern Ethernet networks, you should also be aware of 
the basic function of legacy appliances, such as hubs and bridges. 


HUBS AND REPEATERS 

A hub is an early type of device used to implement the Ethernet cabling design, 
referred to as a star topology. The hub contains a number of ports—typically between 
4 and 48—to provide connections for network devices. A hub simply ensures that all 
devices receive signals put on the network, working as a multiport repeater. 


Using a hub to implement a physical star topology. Node A transmits a signal, which is received by the 
hub and forwarded out of each other port for reception by all the other nodes. (Image © 123RF.com.) 


A repeater is a device used to overcome the distance limitations imposed by network 
cabling. It receives a transmission arriving over one cable segment and then 
regenerates and retransmits it at the original strength over another cable segment. 


Note: Standalone repeater devices are still widely used. On fiber optic networks it is often 
necessary to use repeaters on long-distance communications cabling. 


BRIDGES 

A bridge is a device that divides a local network into two or more segments. Hosts on 
one segment are able to communicate with those on another segment only via the 
bridge. Contention arises in hub-based Ethernet because all communications are 
received by all computers connected to the hub. The hub just repeats all transmissions 
across all ports. A lot of the communications are unnecessary and a lot of them 
"collide." When there is a collision, all the nodes have to stop and resend frames, 
slowing the network down. The network segment in which these collisions occur is 
called a collision domain. Any nodes attached to a hub are in a single collision 
domain. 

A bridge can be used to divide an overloaded network into separate collision domains. 
The bridge keeps track of the MAC addresses attached to each segment. The bridge 
only passes signals from one segment to another if there is a match to the destination 
MAC address, reducing traffic loads in any one segment. The network should be 
designed so that relatively little traffic actually needs to pass over the bridge. 


Bridge operation—the bridge tracks MAC addresses associated with each port and only forwards 
communications out of the port associated with the destination MAC address. (Image © 123RF.com.) 


SWITCHES 


Neither hub nor bridge appliances are widely used on networks anymore. Their 
functions have been replaced by Ethernet switches. Like hubs, switches can connect 
nodes together in a single network, repeating and regenerating signals over multiple 
ports. Like bridges, switches are used to reduce the effect of contention on network 
performance. 


A workgroup switch. (Image © 123RF.com.) 


MICROSEGMENTATION 

An Ethernet switch performs the same sort of function as a bridge but can provide 
many more ports. Bridges only came with up to 4 ports. A single switch might have up 
to 48 ports and multiple switches can be connected together to create a switched 
fabric with thousands of ports. Each switch port is a separate collision domain. In 
effect, the switch establishes a point-to-point link called a virtual circuit between any 
two network nodes. This is referred to as microsegmentation. It works as follows: 

1. Computer A transmits a frame intended for Computer B. 

2. The switch receives the frame into a port buffer and reads the destination MAC 
address from the Ethernet frame. 

3. The switch uses its MAC address table to look up the port connected to the 
destination MAC address. 

4. The switch uses its high speed backplane to send the frame out on port 3 for 
computer B to receive. 

5. None of the other connected devices, such as host C, observe any activity on the 
network while this process takes place. Therefore, these other devices are able to 
transmit and receive at the same time. 


Switch operation. (Image © 123RF.com.) 
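
The five steps above as an added Python example (not from the course material), run beside a hub handling the same traffic so the difference in what host C can observe is visible. It goes slightly beyond the steps: the switch learns source addresses as frames arrive and floods a frame whose destination it has not yet learned, which is standard switch behaviour. Port numbers and MAC addresses are constructed, and `normalize_mac` is a helper written for this example.

```python
import re

BROADCAST = "ff:ff:ff:ff:ff:ff"


def normalize_mac(text):
    """Accept colon, hyphen, dotted or bare notation and return the colon form."""
    digits = re.sub(r"[:.-]", "", text.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


class Hub:
    """Multiport repeater: every frame is sent out of every other port."""

    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class Switch:
    """Forwards on the destination MAC address using a learned table."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Handle a frame arriving on in_port; return the ports it leaves by."""
        src, dst = normalize_mac(src), normalize_mac(dst)
        self.mac_table[src] = in_port  # learn where the sender is attached
        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Destination not learned yet (or broadcast): flood.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []  # sender and receiver share the port; nothing to forward
        return [out_port]


# Constructed hosts: name -> (MAC address as typed, switch port).
# The three notations are deliberately different.
HOSTS = {
    "A": ("00:60:8c:12:3a:bc", 1),
    "B": ("00-60-8C-12-3A-BD", 3),
    "C": ("00608c123abe", 2),
}

# A conversation between A and B only; C never sends or is addressed.
TRAFFIC = [("A", "B"), ("B", "A"), ("A", "B"), ("B", "A")]


def frames_observed(device, traffic, observer):
    """Count the frames in the exchange that are delivered to observer's port."""
    observer_port = HOSTS[observer][1]
    seen = 0
    for sender, receiver in traffic:
        src, in_port = HOSTS[sender]
        dst, _ = HOSTS[receiver]
        if observer_port in device.receive(in_port, src, dst):
            seen += 1
    return seen


if __name__ == "__main__":
    ports = [1, 2, 3, 4]
    print("hub:    C receives", frames_observed(Hub(ports), TRAFFIC, "C"), "of 4 frames")
    switch = Switch(ports)
    print("switch: C receives", frames_observed(switch, TRAFFIC, "C"), "of 4 frames")
    print("MAC address table:", switch.mac_table)
```

On the switch, only the first frame reaches C, because B's port has not been learned at that point; every later frame in the conversation is delivered to a single port.
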


Because each port is in a separate collision domain, collisions can only occur if the port 
is operating in half-duplex mode. This would only occur if a legacy network card or a 
hub is attached to it. Even then, collisions only affect the segment between the port 
and that adapter—they do not slow down the whole network. For other devices, the 
network appears free, so they are able to send communications at the same time using 
the full bandwidth of the network media. 


Note: You are very unlikely to come across hub or bridge appliances. The vast majority of 
Ethernet networks are implemented using switches. Gigabit Ethernet can only run using 
switches. Note that the function of a bridge is still an important one, though. For 
example, a PC might use a software bridge between network adapters (for network 
connectivity when the host is running virtualization software, for instance). 


Note: Half duplex means that a port can either send or receive but cannot do both at the 
same time. Ports supporting Gigabit Ethernet can send and receive at the same time (full 
duplex). 


MANAGED AND UNMANAGED SWITCHES 


An unmanaged switch performs the microsegmentation function described 
previously without requiring any sort of configuration. You just power it on, connect 
some hosts to it, and it works without any more intervention. You might find 
unmanaged switches with four or eight ports used in small networks. There is also an 
unmanaged switch embedded in most of the Internet router/modems supplied by 
Internet Service Providers (ISP) to connect to their networks. 


Larger workgroups and corporate networks require additional functionality in their 
switches. Switches designed for larger LANs are called managed switches. A managed 
switch will work as an unmanaged switch out-of-the-box, but an administrator can 
connect to it over a management port, configure security settings, and then choose 
options for the switch's more advanced functionality. 


Modular chassis allows provisioning multiple access switches. (Image © 123RF.com.) 


One of the main reasons for using managed switches is that enterprise networks might 
have to provide hundreds or thousands of access ports. This is accomplished by linking 
multiple switches together. Having that many ports on the same network creates its 
own performance and security issues, so managed switches support a method of 
dividing the ports into separate Virtual LANs (VLANs). 


Configuration of a managed switch can either be performed over a web interface or 
some sort of command line. 


FastEthernet1/0/1 is up, line protocol is up (connected) 
Hardware is Fast Ethernet, address is f41f.c253.7103 (bia f41f.c253.7103) 
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation ARPA, loopback not set 
Keepalive set (10 sec) 
Full-duplex, 100Mb/s, media type is 10/100BaseTx 
input flow-control is off, output flow-control is unsupported 
ARP type: ARPA, ARP Timeout 04:00:00 
Last input 00:00:51, output 00:00:00, output hang never 
Last clearing of "show interface" counters never 
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 
Queueing strategy: fifo 
Output queue: 0/40 (size/max) 
5 minute input rate 0 bits/sec, 0 packets/sec 
5 minute output rate 0 bits/sec, 0 packets/sec 
18 packets input, 1758 bytes, 0 no buffer 
Received 4 broadcasts (2 multicasts) 
0 runts, 0 giants, 0 throttles 
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 
0 watchdog, 2 multicast, 0 pause input 
0 input packets with dribble condition detected 
111 packets output, 13828 bytes, 0 underruns 
0 output errors, 0 collisions, 1 interface resets 
0 unknown protocol drops 


Viewing interface configuration on a Cisco switch. 


POWER OVER ETHERNET 


Power over Ethernet (PoE) is a means of supplying electrical power from a switch 
port over Cat 5 or better data cabling to a connected powered device, such as a tablet 
computer, VoIP handset, security camera, or wireless access point. PoE is defined in 
two IEEE standards (now both rolled into 802.3-2012): 


* 802.3af—powered devices can draw up to about 13 W over the link. Power is 
supplied as 350mA@48V and limited to 15.4 W, but the voltage drop over the 
maximum 100 feet of cable results in usable power of around 13 W. 

* 802.3at (PoE+)—powered devices can draw up to about 25 W. PoE+ allows for a 
broader range of devices to be powered such as cameras with pan/tilt/zoom 
capabilities, door controllers, and thin client computers. 


PoE-enabled switches are referred to as end-span (or end-point) Power Sourcing 
Equipment (PSE). If an existing switch does not support PoE, a device called a power 
injector can be used. When a device is connected to a port on a PoE switch, the switch 
goes through a detection phase to determine whether the device is PoE-enabled. If 
not, it does not supply power over the port and therefore does not damage non-PoE 
devices. If so, it determines the device's power consumption and sets the supply 
voltage level appropriately. 


Powering these devices through a switch is more efficient than using a wall-socket AC 
adapter for each appliance. It also allows network management software to control the 
devices and apply power schemes, such as making unused devices go into sleep states 
and power capping. 


ETHERNET OVER POWER 


SOHO networks are unlikely to use a structured cabling scheme, with cable conduit 
and patch panels. Many SOHO networks will be based around a single Internet router, 
server computer, and several workstations, possibly all located within the same room. 
A residential network might also require connectivity for smart appliances, such as 
Smart TVs and game consoles. The main challenge is usually joining up the location 
selected for the majority of the equipment with the location of the Internet access line. 


An obvious solution for connecting SOHO devices is wireless. For many SOHO 
networks, the bandwidth available for WLANs will be adequate. There may be 
interference issues, however, and some home appliances, such as set-top boxes, might 
not support Wi-Fi. As an alternative to installing new data cabling, Ethernet over 
Powerline products can make use of building power circuits. Power is typically 
delivered as a 50-60 Hz alternating current, at between 100-240 volts, varying from 
country to country. Powerline overlays a higher frequency carrier signal on the lines 
and uses this to transfer Ethernet frames. 

Powerline adapter provides an Ethernet port from a power outlet. (Image by Le Moal Olivier © 
123RF.com.) 


A network connection is established via a Powerline adapter plugged directly into an 
electrical outlet. Note that strip sockets are generally not supported. The adapter 
provides one or two Ethernet RJ-45 ports to connect network equipment. The adapters 
automatically detect and communicate with one another over the electrical wiring with 
no configuration needed, though optionally a security key can be enabled to encrypt 
transmissions. A pass-through adapter also features an electrical outlet, allowing 
continued use of the socket. 


Standards for Ethernet over Powerline are defined by IEEE 1901 and products are 
managed by the HomePlug Powerline Alliance. Most products on the market conform 
to the HomePlug AV or AV2 standards, which are interoperable (older HomePlug 1.0 
devices are not compatible). Within this, products are rated according to the maximum 
(theoretical) bandwidth, from AV200 (200 Mbps) to AV1200. If a mix of adapters is used, 
the network will operate only at the highest speed supported by all of the adapters. 


Note: Most Powerline installations will not achieve more than half the theoretical 
bandwidth. 

Activity 6-2 


Discussing Network Hardware Devices 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What is a MAC address? 


2. What feature(s) should you check when ordering an Ethernet network card? 


3. A technician has discovered an 8-port Ethernet hub appliance in a store. 


Can this device be usefully deployed on a modern network? 


4. Your manager is resisting the use of an unmanaged switch to support a network 
of up to a dozen computers at a branch office. 


What are the arguments for and against proceeding? 


5. You are assisting a customer looking to purchase switches that support powering 
VoIP handset devices directly. The customer is confused between Power over 
Ethernet and Ethernet over Power. 


Can you explain the difference and identify which technology the customer 
needs? 

Topic C 


Wireless Networks 


EXAM OBJECTIVES COVERED 
1001-2.2 Compare and contrast common networking hardware devices. 


1001-2.4 Compare and contrast wireless networking protocols. 
1001-2.7 Compare and contrast Internet connection types, network types, and their 
features. 


Wireless technologies can now achieve sufficient bandwidth to replace wired ports for 
many types of clients in a typical office. It is also more convenient for SOHO networks 
to use wireless as the primary access method for computers, laptops, smartphones, 
and tablets. Wireless can provide connectivity for desktops or even servers in places 
where it is difficult or expensive to run network cabling. As a CompTIA A+ technician, 
you will often be called upon to install, configure, and troubleshoot wireless 
technologies, so it is imperative that you understand the basics. 


WHAT IS WIRELESS NETWORKING? 


"Wireless" encompasses a whole range of connectivity products and technologies, 
from personal area networking to Internet connectivity. Most wireless technologies use 
radio waves as transmission media. Radio systems use transmission and reception 
antennas tuned to a specific frequency for the transfer of signals. 


WIRELESS FREQUENCIES AND CHANNELS 


The range of broadcast radio frequencies (RF) extends from 3 KHz to 300 GHz. 
Frequencies are subdivided into bands such as very low and ultra high. FM radio and 
television signals are broadcast in the Very High Frequency (VHF) band (30-300 MHz). 


The use of the radio spectrum is regulated by national governments and (to some 
extent) standardized internationally by the International Telecommunications Union 
(ITU). Use of a frequency usually requires a license from the relevant government 
agency. The license ensures no one else can transmit that frequency within a particular 
area. 


There are, however, unregulated frequencies—Industrial, Scientific, and Medical (ISM) 
bands—that do not require a license, such as the 2.4 GHz and 5 GHz bands. The 
wireless networking products operate in these unregulated ultra high frequencies. 
There is a limit on power output, which means range is restricted. 


802.11 (WIRELESS LAN STANDARDS) 


When talking about "wireless networking" for desktops, laptops, smartphones, and 
tablets, the term is generally understood to mean the IEEE's 802.11 standards for 
Wireless LANs (WLANs), also called Wi-Fi. There are five main versions of the standard, 
as summarized here: 


Standard           Maximum Transfer Rate                    Band 
802.11a (1999)     54 Mbps                                  5 GHz 
802.11b (1999)     11 Mbps                                  2.4 GHz 
802.11g (2003)     54 Mbps                                  2.4 GHz 
802.11n (2009)     288.8 Mbps/stream (Single Channel)       2.4/5 GHz 
                   600 Mbps/stream (Bonded Channels) 
802.11ac (2013)    1.7 Gbps (at time of writing)            5 GHz 


Note that the transfer rates quoted are illustrative of an optimal installation and are 
heavily dependent on the quality of the access point, the number of clients connecting 
simultaneously, and interference and obstructions in the environment. The 
frequencies used by Wi-Fi lack penetrating power and there can be interference from 
nearby unregulated devices, such as baby monitors and cordless phones. Microwave 
ovens can also cause interference. 


The actual data rate will drop with distance and in the presence of interference, with 
the preference being for a slower, stable connection over a faster, error-prone one. 


FREQUENCIES 


Every wireless device operates on a specific radio frequency within an overall 
frequency band. It is important to understand the difference between the two most 
common frequency bands in the IEEE 802.11 standards: 2.4 GHz and 5.0 GHz. 


* 2.4 GHz is the longer wavelength, which gives it longer range (given the same power 
output) and makes it better at propagating through solid surfaces. However, the 2.4 
GHz band does not support a high number of individual channels and is often 
congested, both with other Wi-Fi networks and other types of wireless technology, 
such as Bluetooth. Consequently, with the 2.4 GHz band there is increased risk of 
interference and the maximum achievable data rates are typically lower than with a 
5 GHz channel. 

* 5 GHz is less effective at penetrating solid surfaces and so does not support the 
maximum ranges achieved with 2.4 GHz standards. Nonetheless, the band supports 
more individual channels and suffers less from congestion and interference, 
meaning it supports higher data rates. 


RANGE 


Products working in the 2.4 GHz band can be quoted as having a maximum indoor 
range of anywhere from 30 to 45 m (100 - 150 feet). Products using 5 GHz are usually 
quoted as having a maximum range of about one third less (up to about 30 m, say). For 
most wireless networks, however, absolute range is less important than the number of 
clients that have to be supported and the construction of walls and ceilings. 


CHANNELS 

The 2.4 GHz band is subdivided into up to 14 channels, spaced at 5 MHz intervals from 2412 
MHz up to 2484 MHz. Wi-Fi requires bandwidth of approximately 20 MHz, not 5 MHz. 
Consequently, a site designer needs to choose the channels that do not overlap. On a 
WLAN where only the first 11 channels are available, channels 1, 6, and 11 can be 
selected as non-overlapping. 


Note: In the Americas, regulations permit the use of channels 1-11 only, while in Europe, 
channels 1-13 are permitted. In Japan, all 14 channels are permitted. 


The limited number of non-overlapping channels means that co-channel interference 
is a real possibility. Special codes embedded in the signal give each transmitting node a 
distinguishing pattern, so that nearby networks can share the same channel at once. At 
some point, however, the channel becomes saturated with too many WLANs. 

The 5 GHz band is subdivided into 23 non-overlapping channels each ~20 MHz-wide. 
The greater number of non-overlapping channels means that co-channel interference 
is less of a problem for the 5 GHz band. This means that more WLANs can occupy the 
same area or that you can provision more access points closer together to support a 
greater density of client devices. 


Note: Initially there were 17 channels in the 5 GHz band, but the subsequent 802.11h 
standard added another 12. 802.11h also adds the Dynamic Frequency Selection (DFS) 
method to prevent access points working in the 5 GHz band from interfering with radar 
and satellite signals. The exact use of channels can be subject to different regulations in 
different countries. 


WIRELESS NETWORK STANDARDS 


Use of the legacy standards—802.11a/b/g—is now limited to quite old equipment. You 
are relatively unlikely to come across networks still supporting them. As 802.11b and 
g both worked at 2.4 GHz, 802.11g provided an upgrade path for 802.11b WLANs. 
Working in the 5 GHz band, 802.11a is incompatible with the other two and was not as 
widely adopted. 


IEEE 802.11n 

The 802.11n standard provides substantially more bandwidth than the legacy 
standards. It multiplexes the signals from 2-4 separate antennas in a process called 
Multiple-Input-Multiple-Output (MIMO). The configuration of 802.11n devices is 
identified by AxB:C notation, where A is the number of transmit antennas, B is the 
number of receive antennas, and C is the number of simultaneous transmit and 
receive streams. The maximum possible is 4x4:4 but common configurations are 2x2:2, 
3x3:2, or 3x3:3. Both the transmitter and receiver must support the same number of 
streams. 


802.11n can deliver even more bandwidth with the option to use two adjacent 20 MHz 
channels as a single 40 MHz channel (channel bonding). 802.11n products can use 
channels in the 2.4 GHz band or the 5 GHz band. The 5 GHz band is preferred for 
optimal bandwidth and to avoid interference with existing 2.4 GHz networks and 
devices. Channel bonding is only a practical option in the 5 GHz band. Assuming the 
maximum number of spatial streams and optimum conditions, the nominal data rates 
for 802.11n are 288.8 Mbps for a single channel and 600 Mbps for bonded channels. 


Note: Cheaper adapters may only support the 2.4 GHz band. Many smartphone models 
only support 2.4 GHz. An access point or adapter that can support both is referred to as 
dual band. A dual band access point can support both 2.4 GHz and 5 GHz bands 
simultaneously. This allows legacy clients to be allocated to the 2.4 GHz band. 


IEEE 802.11ac 

The 802.11ac standard continues the development of 802.11n technologies. The main 
distinction is that 802.11ac works only in the 5 GHz band. The 2.4 GHz band can be 
used for legacy standards (802.11b/g/n) in mixed mode. The aim for 802.11ac is to get 
throughput similar to that of Gigabit Ethernet or better. It supports more channel 
bonding (up to 80 or 160 MHz channels), up to 8 spatial streams rather than 4, and 
denser modulation (at close ranges). 


As with 802.11n, only high-end equipment will be equipped with sufficient antennas to 
make use of up to 8 streams. At the time of writing, no devices actually support more 
than 4x4:4 streams. The maximum theoretical data rate with 8 streams and 160 MHz 
channel bonding is about 6.93 Gbps. Cisco's Aironet 1850e 4x4:4 access points support 
up to 1.7 Gbps with 80 MHz channels. 

ACCESS POINTS AND WIRELESS NETWORK MODES 


Most Wi-Fi networks are configured in what is technically referred to as infrastructure 
mode. Infrastructure mode means that each client device (or station) is configured to 
connect to the network via an Access Point (AP). In 802.11 documentation, this is 
referred to as a Basic Service Set (BSS). The MAC address of the AP is used as the Basic 
Service Set Identifier (BSSID). More than one BSS can be grouped together in an 
Extended Service Set (ESS). 


The access point works as a bridge, forwarding communications between the wireless 
stations and the wired network, referred to as a Distribution System (DS). The access 
point will be joined to the network in much the same way as a host computer is—via a 
wall port and cabling to an Ethernet switch. 


An access point. (Image © 123RF.com.) 


Access Points can also be configured to forward frames between one another, 
functioning in a Wireless Distribution System (WDS) to extend the network without 
using a cabled backbone. A WDS can be configured in bridge mode, where the access 
points only forward communications between one another, and repeater mode, where 
they also communicate with stations. 


A WDS can be complex to set up and can suffer from compatibility problems when 
devices from multiple vendors are used. For residential users, a range extender is a 
simpler device for regenerating a signal from an access point to a more remote 
location, such as an upstairs room. Another option is a range extender that works with 
a powerline adapter to communicate with the access point over the electrical wiring. 


AD-HOC AND WI-FI DIRECT 

Stations can also be configured to connect directly to one another. With older network 
standards, this is referred to as ad-hoc mode. Such peer-to-peer connections are now 
more likely to be implemented as Wi-Fi Direct, which has the advantage of 
automatically configuring a secure link between the stations. 


WIRELESS MESH NETWORK (WMN) TOPOLOGY 

The 802.11s standard defines a Wireless Mesh Network (WMN). Unlike an ad hoc 
network, nodes in a WMN (called Mesh Stations) are capable of discovering one 
another and peering, forming a Mesh Basic Service Set (MBSS). The mesh stations can 
perform path discovery and forwarding between peers, using a routing protocol, such 
as the Hybrid Wireless Mesh Protocol (HWMP). 




PERSONAL AREA NETWORKS 

The concept of a Personal Area Network (PAN) has gained some currency with the 
profusion of wireless and cellular connection technologies in the last few years. A PAN 
refers to using wireless connectivity to connect to devices within a few meters— 
printers, smartphones, headsets, speakers, video displays, and so on. 


WIRELESS NETWORK CARDS 


Each station in a Wi-Fi network needs to be installed with a Wi-Fi adapter supporting 
the 802.11 standard(s) used on the network. A Wi-Fi adapter can be installed if the 
function is not available on the motherboard. Both internally installed adapter cards 
and USB-connected adapters are available. A Wi-Fi card may also need to be installed 
to support the latest standard (upgrading from 802.11g to 802.11n or 802.11ac, for 
instance). Like an Ethernet card, a Wi-Fi adapter is identified at the data link layer by a 
MAC address. 


Activity 6-3 


Discussing Wireless Networks 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What is the maximum transfer rate of an 802.11g Wi-Fi adapter? 


2. Why are 2.4 GHz networks more susceptible to interference than 5 GHz 
networks? 


3. How does 802.11n achieve greater speeds than previous Wi-Fi standards? 


4. Can 802.11ac achieve higher throughput by multiplexing the signals from 
both 2.4 and 5 GHz frequency bands? Why or why not? 


5. Why might a wireless mesh network topology be used? 


Topic D 


Internet Connection Types 


EXAM OBJECTIVES COVERED 
1001-2.2 Compare and contrast common networking hardware devices. 


1001-2.4 Compare and contrast wireless networking protocols. 
1001-2.7 Compare and contrast Internet connection types, network types, and their 
features. 


In the previous topics, you identified the network cabling and devices used to 
implement different types of Local Area Networks (LANs). A key component of any 
network is the ability to communicate with remote hosts over the Internet. In this topic, 
you will learn to compare and contrast methods of Internet access, as provided for 
typical SOHO network types. 


INTERNET CONNECTIONS 


The major infrastructure of the Internet, also referred to as the Internet backbone, 
consists of very high bandwidth trunks connecting Internet eXchange Points (IXPs). 
These trunks and IXPs are mostly created by telecommunications companies and 
academic institutions. They are typically organized on national and international levels. 
Within the data center supporting any given IXP, Internet Service Providers (ISPs) 
establish high-speed links between their networks, using transit and peering 
arrangements to carry traffic to and from parts of the Internet they do not physically 
own. There is a tiered hierarchy of ISPs that reflects to what extent they depend on 
transit arrangements with other ISPs. 


Customers connect to an ISP's network via a local Point of Presence (PoP). The ISP 
uses a backhaul link (or a transit arrangement with another ISP) to connect each PoP 
to their core network infrastructure and one or more IXPs. 


INTERNET SERVICE PROVIDERS 


Most home users and businesses rely on an Internet Service Provider (ISP) to facilitate 
the link between their SOHO network and the Internet. Internet access is then a 
question of how you join your local network to the ISP's PoP. 


The consumer and small business technologies for doing this are dial-up, "broadband" 
(DSL, FTTx, or cable), and wireless (radio or satellite). Each has its advantages and 
disadvantages depending on the type of access and frequency of use required. 


Most SOHO Internet access methods make use of the Public Switched Telephone 
Network (PSTN). The PSTN is the national and global telecommunications network. 
The voice-grade copper wire part of this network (between subscribers and the 
telecom provider's switches) is sometimes referred to as the Plain Old Telephone 
Service (POTS), "local loop," or "last mile." 


The ISP handles the business of allocating one or more public Internet Protocol (IP) 
addresses that will work on the Internet and other services, such as domain name 
registration, web and email hosting, and so on. 


Enterprise ISP solutions will offer much higher bandwidth links, often using fiber optic 
cabling. 


Internet access for a standalone PC via an ISP. (Image © 123RF.com.) 


POINT-TO-POINT PROTOCOL 

The Point-to-Point Protocol (PPP) is typically used to encapsulate the network 
protocol, which will usually be TCP/IP, over the link to the ISP. PPP also provides a 
mechanism to authenticate the user and manage the connection between the local 
computer or network and the ISP's router. 


BROADBAND INTERNET ACCESS 


Broadband covers a range of different connection technologies. The main 
characteristics are that they are "always-on" (that is, the connection does not need to 
be re-established for each session) and data transfer rates are (a lot) higher than 
analog dial-up. 


DSL 


Digital Subscriber Line (DSL) uses the higher frequencies available in a copper 
telephone line as a communications channel. The use of a filter prevents the DSL 
signals from contaminating voice traffic. The use of advanced modulation and echo 
canceling techniques enables high bandwidth, full duplex transmissions. 


A DSL "modem" makes the connection to the phone system. Typically, the modem 
function will be part of a DSL router/modem/access point appliance that can provide 
access to a small network of computers. The phone line makes the connection to a 
bank of DSL modems in the exchange, called a DSL Access Multiplier (DSLAM). The 
DSLAM channels voice and data traffic to the appropriate network. Depending on the 
equipment used by the ISP, the data link protocol used for DSL may be PPP over ATM 
(PPPoA) or PPP over Ethernet (PPPoE). 


There are various "flavors" of DSL, notably asymmetrical and symmetrical types: 


* Asymmetrical DSL (ADSL) is a "consumer" version of DSL that provides a fast 
downlink but a slow uplink. There are various iterations of ADSL, with the latest 
(ADSL2+) offering downlink rates up to about 24 Mbps and uplink rates up to 1.4 
Mbps, or 3.3 Mbps upstream if the provider supports Annex M/ADSL2+ M. 


Often service providers impose usage restrictions to limit the amount of data 
downloaded per month. Actual speed may be affected by the quality of the cabling 
in the consumer's premises and between the premises and the exchange and also 
by the number of users connected to the same DSLAM (contention). The maximum 
range of an ADSL modem is typically about 10,000 feet (2 miles or 3 km), but the 
longer the connection, the greater the deterioration in data rate. 

* Symmetric versions of DSL offer the same uplink and downlink speeds. These are of 
more use to businesses and for branch office links, where more data is transferred 
upstream than with normal Internet use. 

* Very High Bitrate DSL (VDSL) achieves higher bit rates at the expense of range. It 
allows for both symmetric and asymmetric modes. Over 300 m (1000 feet), an 
asymmetric link supports 52 Mbps downstream and 6 Mbps upstream, whereas a 
symmetric link supports 26 Mbps in both directions. VDSL2 also specifies a very 
short range (100 m/300 feet) rate of 100 Mbps (bi-directional). 


FIBER OPTIC INTERNET ACCESS 


Fiber optic cabling supports much higher bandwidth and lower distance limitations 
than copper cabling. Fiber optic cabling has replaced copper cabling within the "core" 
of telecommunications networks. Extending fiber optic cabling to individual subscriber 
homes and businesses is slowly taking place. There are two principal types of 
businesses operating fiber optic networks for SOHO Internet access—companies with 
their roots in cable TV on one hand and the telecommunications providers with their 
roots in telephone services on the other. 


HYBRID FIBER COAX (HFC)/CABLE 


A cable Internet connection is usually available along with a Cable Access TV (CATV) 
service. These networks are often described as Hybrid Fiber Coax (HFC) as they 
combine a fiber optic core network with coax links to customer premises equipment, 
but are more simply just described as "broadband cable" or just as "cable." 


The cable modem is interfaced to the local network or computer through an Ethernet 
adapter and with the cable network by a short segment of coax. More coax then links 
all the premises in a street with a Cable Modem Termination System (CMTS), which 
routes data traffic via the fiber backbone to the ISP's Point of Presence (PoP) and from 
there to the Internet. Cable based on the Data Over Cable Service Interface 
Specification (DOCSIS) supports downlink speeds of up to 38 Mbps (North America) 
or 50 Mbps (Europe) and uplinks of up to 27 Mbps. DOCSIS version 3 allows the use of 
multiplexed channels to achieve higher bandwidth. 


FIBER TO THE CURB (FTTC) 


For the telecommunications companies, the major obstacle to providing really high 
bandwidth to consumers and small businesses is in the last mile of the telephone 
network. Copper cabling infrastructure in the last mile is often of poor quality as it was 
only designed to service a telephone line. The projects to update this wiring to use 
fiber optic links are referred to by the umbrella term "Fiber to the X" (FTTx). 


The most expensive solution is Fiber to the Premises (FTTP) or its domestic variant 
Fiber to the Home (FTTH). The essential point about both these implementations is 
that the fiber link is terminated on customer premises equipment. Such "pure" fiber 
solutions are not widespread and generally carry a price premium above other types of 
Internet access. 


Other solutions can variously be described as Fiber to the Node (FTTN) or Fiber to 
the Curb/Cabinet (FTTC). These extend the fiber link to a communications cabinet in 
the street servicing multiple subscribers. This is a similar model to HFC, but instead of 
the coax segment, each subscriber is linked to the fiber service by running Very High 
Bitrate DSL (VDSL) over the existing telephone wiring. 


DIAL-UP INTERNET ACCESS 


Dial-up is simply a telephone conversation between two computers. Whereas with DSL 
this "conversation" is pushed to the higher frequency parts of the phone line, with 
dial-up it occupies the whole frequency range, but not very efficiently. Ordinary telephone 
charges apply for the duration of each session and the phone line cannot be used for 
voice calls at the same time. A dial-up link is very low bandwidth. 


A dial-up connection is facilitated by analog modems on each end of the line. A dial-up 
modem converts digital signals to an analog carrier signal (modulation) and transmits 
it over the telephone cable, making a distinctive screeching noise. The modem at the 
other end converts the analog signal back to digital (demodulation) and processes the 
data. 


Dial-up modems connected across the public telephone network. (Image © 123RF.com.) 


The main disadvantages of this system are the low data transfer rates, the time it takes 
for the connection to be established, and error prone links. The fastest modems can 
only usually work at 33.6 Kbps (V.34+) and this speed is reaching the limitations of 
analog lines. Using the V.90 or V.92 digital signaling protocol, a downlink speed of up to 
56 Kbps is possible in theory, though rarely achieved in practice. The use of 
compression can also improve the data transfer throughput, though as many of the 
files being transferred are likely to be compressed already (image files, for instance), 
the improvement will be variable. 


Consequently, dial-up has been almost completely superseded by other technologies 
and would only be used as a backup method or in areas where no other access 
methods are supported. 


ISDN INTERNET ACCESS 


Integrated Services Digital Network (ISDN) is a digital circuit-switched technology 
for voice, video, and data (hence "integrated services"). ISDN makes use of existing 
copper telephone wiring, if the wiring is of sufficient quality. Unlike dial-up, however, it 
uses the line to transmit digital signals for both voice and data. This means that 
there are no inefficient analog-to-digital conversions and so higher speeds can be 
supported. 


ISDN is a dial-up service billed for by line rental and per-minute usage. Although it is a 
dial-up technology, it is capable of establishing a circuit connection in less than 1 
second—much faster than an analog modem. 


The most common uses of ISDN are for interconnection of LANs and remote users 
(teleworkers) to businesses. There are two classes of ISDN: 

* Basic Rate Interface (BRI) provides two 64 Kbps "B" channels for data and one 16 
Kbps "D" channel for link management control signals. It is sometimes called 2B+D. 
One option is to use one B channel for data and leave the other for voice or fax; 
another is to provide a 128 Kbps link by concatenating the two B channels. This 
form of ISDN is intended for SOHO use. 

* Primary Rate Interface (PRI) provides 23 or 30 "B" channels (or between about 1.5 
and 2 Mbps), depending on location in the world, and one 64 Kbps D channel. This 
form of ISDN is intended for larger companies and is commonly used to provide a 
link between two company locations. 


Much of the switching technology of ISDN remains in use in terms of the 
telecommunications core network, but as an Internet access method for subscribers, it 
has largely been superseded by DSL and cable. It remains a good solution outside 
metropolitan areas where these other services may not be available. 


An ISDN connection would typically be facilitated through a Terminal Adapter (TA). 
The TA may be an external appliance or a plug-in card for a PC or compatible router. 
The TA is connected to the ISDN network via an NT1 device (Network Terminator). The 
ISDN-enabled router may then either be connected to a switch or support direct 
connections from ISDN devices. 


FIXED WIRELESS INTERNET ACCESS 


Wired broadband Internet access is not always available, especially in rural areas or in 
older building developments, where running new cable capable of supporting DSL or 
FTTC is problematic. In this scenario, some sort of fixed wireless Internet access might 
be an option. 


SATELLITE INTERNET ACCESS 

Satellite systems provide far bigger areas of coverage than can be achieved using other 
technologies. A Very Small Aperture Terminal (VSAT) microwave antenna is aligned 
to an orbital satellite that can either relay signals between sites directly or via another 
satellite. Satellites use frequency bands in the Super High Frequency range (3-30 GHz). 
The widespread use of satellite television receivers allows for domestic Internet 
connectivity services over satellite connections. Satellite services for business are also 
expanding, especially in rural areas where DSL or cable services are less likely to be 
available. The transfer rates available vary between providers and access packages, but 
2 or 6 Mbps up and 15-20 Mbps down would be typical. There are also likely to be 
quite restrictive usage limits. 


Satellite connections experience quite severe latency problems as the signal has to 
travel over thousands of miles more than terrestrial connections, introducing a delay 
of many times what might be expected over a land link. For example, if accessing a site 
over DSL involves a 15-50 ms delay on the link, accessing the same site over a satellite 
link could involve a 1000 ms delay. This is an issue for real-time applications, such as 
video-conferencing, VoIP, and multi-player gaming. 


To create a satellite Internet connection, the ISP installs a satellite dish (antenna) at the 
customer's premises and aligns it with the orbital satellite. The satellites are in 
geostationary orbit above the equator, so in the northern hemisphere the dish will be 
pointing south. Because the satellite does not move relative to the dish, there should 
be no need for any realignment. The antenna is connected via coaxial cabling to a 
DVB-S (Digital Video Broadcast Satellite) modem. This can be installed in the PC as an 
adapter card or as an external box connected via a USB or Ethernet port. 


LINE OF SIGHT WIRELESS INTERNET SERVICE PROVIDER (WISP) 


Line of Sight (LoS) is a wireless connection method using ground-based microwave 
antennas aligned with one another. Endpoints can transmit signals to one another as 
long as they are unobstructed by physical objects. The antennas themselves are 
typically affixed to the top of tall buildings in order to reduce this interference. A line of 
sight service can cover great distances that typical wireless signals cannot, while at the 
same time saving the service provider from having to install cabling infrastructure. 
Additionally, the connection in an LoS service is often low latency, or at least, lower 
latency than satellite. 


A disadvantage of LoS is that the actual unobstructed sight line can be difficult to 
maintain, especially if the area between the two endpoints is not owned by the client 
or the provider. Likewise, LoS services are usually more expensive than other methods. 


A company specializing in LoS networks is referred to as a Wireless Internet Service 
Provider (WISP). A WISP might use Wi-Fi type networking or proprietary equipment. 
The services can operate over a range of frequencies. The use of certain frequencies 
may be impacted by the deployment of 5G cellular services, which may involve 
changes to the way some frequency bands are licensed for use. 


CELLULAR RADIO NETWORKS 


The 2.4 GHz and 5 GHz frequency bands used by Wi-Fi have quite severely restricted 
range while fixed wireless Internet requires a large dish antenna. Cellular radio 
wireless networking facilitates communications over much larger distances using 
portable equipment like smartphones. Cellular networking is also used by some 
Internet of Things (IoT) devices, such as smart energy meters. 


CELLULAR RADIO (GSM/TDMA AND CDMA) 


A cellular radio makes a connection using the nearest available transmitter (cell or 
base station). Each base station has an effective range of up to 5 miles (8 km). The 
transmitter connects the phone to the mobile and landline telephone networks. 
Transmitter coverage in many countries is now very good, with the exception of 
remote rural areas. Cellular radio works in the 850 and 1900 MHz frequency bands 
(mostly in the Americas) and the 900 and 1800 MHz bands (rest of the world). 


Cellular digital communications standards are described as belonging to a particular 
generation. For 2G, there were two competing formats, established in different 
markets: 


* Global System for Mobile Communication (GSM)-based phones. GSM allows 
subscribers to use a Subscriber Identity Module (SIM) card to use an unlocked 
handset with their chosen network provider. GSM is adopted internationally and by 
AT&T and T-Mobile in the US. 

* TIA/EIA IS-95 (cdmaOne)-based handsets. With Code Division Multiple Access 
(CDMA), the handset is managed by the provider, not the SIM. CDMA adoption is 
largely restricted to the telecom providers Sprint® and Verizon. 


In both cases, the cell network was built primarily to support voice calls, so 2G data 
access was provided on top, using Circuit Switched Data (CSD). CSD is somewhat 
similar to a dial-up modem, though no analog transmissions are involved. CSD requires 
a data connection to be established to the base station (incurring call charges) and is 
only capable of around 14.4 Kbps at best. 


3G 


The transition from 2G to 3G saw various packet-switched technologies deployed to 
mobiles: 


* General Packet Radio Services/Enhanced Data Rates for GSM Evolution (GPRS/ 
EDGE) is a precursor to 3G (2.5G) with GPRS offering up to about 48 Kbps and EDGE 
about 3-4 times that. Unlike CSD, GPRS and EDGE allow "always on" data 
connections, with usage billed by bandwidth consumption rather than connection 
time. 

* Evolved High Speed Packet Access (HSPA+) is a 3G standard developed via several 
iterations from the Universal Mobile Telecommunications System (UMTS) used on 
GSM networks. HSPA+ nominally supports download speeds up to 168 Mbps and 
upload speeds up to 34 Mbps. HSPA+-based services are often marketed as 4G if 
the nominal data rate is better than about 20 Mbps. 

* CDMA2000/Evolution Data Optimized (EV-DO) are the main 3G standards deployed 
by CDMA network providers. EV-DO can support a 3.1 Mbps downlink and 1.8 Mbps 
uplink. 


4G 

Long Term Evolution (LTE) is a converged 4G standard supported by all network 
providers. Any device using a 4G connection needs a SIM card. LTE has a maximum 
downlink of 150 Mbps in theory, but no provider networks can deliver that sort of 
speed at the time of writing. Around 20 Mbps is more typical of real-world 
performance. 


LTE Advanced (LTE-A) is intended to provide a 300 Mbps downlink, but again this 
aspiration is not matched by real-world performance. Current typical performance for 
LTE-A is around 40 Mbps. 


5G 

According to the original specification, a 4G service was supposed to deliver 1 Gbps for 
stationary or slow-moving users (including pedestrians) and 100 Mbps for access from 
a fast-moving vehicle. Those data rates are now the minimum hoped-for standards for 
5G. 5G is currently only available in trial areas. Speeds of up to 70 Gbps have been 
achieved under test conditions, but commercial products and service standards are 
not likely to appear until 2020. 


Activity 6-4 


Discussing Internet Connection Types 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. If you have remote employees who need to connect to the corporate 
network but they are located in a remote area with no access to high-speed 
Internet service, what do you think is the best Internet connection method 
to use? 


2. True or false? Analog modems are required for dial-up and ISDN Internet 
access services. 


3. What type of SOHO Internet access method offers the best bandwidth? 


4. Which protocol enables a dial-up user to exchange frames of data with an 
ISP's access server? 


5. What type of cabling is used with the WAN port of a cable modem? 


6. What Internet access method would be suitable for a business requiring a 
high bandwidth connection where no cabled options exist? 


Topic E 


Network Configuration Concepts 


EXAM OBJECTIVES COVERED 
1001-2.2 Compare and contrast common networking hardware devices. 


1001-2.6 Explain common network configuration concepts. 


Now that you are familiar with the basic components that make up a network, you can 
start to take a look at Transmission Control Protocol/Internet Protocol (TCP/IP) 
addressing and data delivery. In this topic, you will identify the properties and 
characteristics of TCP/IP. 


As a CompTIA A+ technician, you must be able to identify how protocols work together 
and with the network hardware to provide services. Understanding how everything is 
connected and functioning within the network will allow you to properly support 
TCP/IP within a network. 


ROUTERS 


Ethernet switches connect nodes on the basis of local or hardware (MAC) addresses. 
Everything connected to an unmanaged switch is part of the same physical and logical 
network. When you want to connect such a network to the Internet or when you want 
to divide a large local network into logical subnetworks, you need to use one or more 
routers. 


A router is responsible for moving data around a network of networks, known as an 
internetwork or internet. While a switch forwards frames using hardware (MAC) 
addresses within a single network segment, a router forwards packets around an 
internetwork using logical network and host IDs. 


A router. (Image © 123RF.com.) 


There are many different types and uses of routers, but on an enterprise network, a 
router tends to perform one of the following two tasks: 


* LAN router—divide a single physical network into multiple logical networks. This is 
useful for security and performance reasons. 

* WAN or edge/border router—join a network using one type of media with a 
network using different media. A typical example is to join a LAN to a WAN, such as 
the Internet. 


Selection of the path or route to the destination network is determined dynamically or 
statically. The packet moves, hop by hop, through the internetwork to the target 
network. Once it has reached the destination network, the hardware address can be 
used to move the packet to the target node. This process requires each logically 
separate network to have a unique network address. 


ROUTERS VERSUS MODEMS 


Make sure you understand the separate functions of modems and routers when 
connecting to the Internet. A modem works at the same level as a switch, making a 
physical network link with the ISP's network. The type of modem must be matched to 
the type of link (dial-up, DSL, cable, and so on). A router makes decisions about 
forwarding between the two logical networks. For SOHO networks, this is usually a 
simple choice between the local network and the Internet. On a SOHO network, the 
modem and the router are typically bundled in the same appliance. 


VIRTUAL LAN (VLAN) 


The switches on an enterprise network can provide thousands of ports. It is inefficient 
to have that many connections to the same "logical" network. The ports are divided 
into groups using a feature of managed switches called Virtual LAN (VLAN). Each 
VLAN is associated with a different logical subnetwork address. Communications 
between different VLANs therefore have to go through a router. As well as improving 
performance, this is a security benefit too. Traffic passing between VLANs can be easily 
filtered and monitored to ensure it meets security policies. 


THE TCP/IP PROTOCOL SUITE 


Protocols are procedures or rules used by networked hosts to communicate. For 
communication to take place, the two hosts must have a protocol in common. Often, 
several protocols used for networking are designed to work together. This collection of 
protocols is known as a protocol suite. 


A number of protocol suites have been used for LAN and WAN communications over 
the years. However, the overwhelming majority of networks have now converged on 
the use of the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. Most 
network implementations you will be required to install and support will depend on 
the use of TCP/IP. 


TCP/IP was originally developed by the US Department of Defense but is now an open 
standard to which anyone may contribute. Developments are implemented through 
the Internet Engineering Task Force (IETF), which is split into a number of working 
groups. Standards are published as Request For Comments (RFCs). The official 
repository for RFCs is at www.rfc-editor.org and they are also published in HTML 
format at tools.ietf.org/html. 


TCP/IP protocols are packet-based. This means that rather than sending a data 
message as a single large whole, it is split into numerous small packets. Smaller 
packets have a better chance of being delivered successfully and are easier to resend if 
lost or damaged. 


Routers choose the paths that packets take around the network from source to 
destination. 


TCP/IP PROTOCOLS 

The main protocols in the suite provide addressing and transport services. The 
function of these protocols can be better understood by dividing them into layers. The 
TCP/IP suite uses a model with four distinct layers. 


TCP/IP model, showing the protocols at each layer from Application to Link/Network Interface. (Image © 123RF.com.) 


The layers and main protocols working at each layer are as follows: 


* Link or Network Interface layer—responsible for putting frames onto the 
physical network. This layer does not contain TCP/IP protocols as such. At this layer, 
different networking products and media can be used, such as Ethernet or Wi-Fi. 
Communications on this layer take place only on a local network segment and not 
between different networks. Data at the link layer is packaged in a unit called a 
frame and nodes are identified by a MAC address (assuming Ethernet or Wi-Fi). 

* Internet Protocol (IP)—provides packet addressing and routing at the network 
layer. IP provides best effort delivery of an unreliable and connectionless nature. A 
packet might be lost, delivered out of sequence, duplicated, or delayed. 

* Transmission Control Protocol (TCP)—guarantees orderly transmission of packets 
at the transport layer. TCP can identify and recover from lost or out-of-order 
packets. This is used by most TCP/IP application protocols as failing to receive a 
packet or processing it incorrectly can cause serious data errors. 

* User Datagram Protocol (UDP)—provides unreliable, non-guaranteed transfer of 
packets. UDP is an alternative way of implementing the transport layer to TCP. UDP 
is faster and comes with less of a transmission overhead because it does not need 
to send extra information to establish reliable connections. It is used in 
time-sensitive applications, such as speech or video, where a few missing or out-of-order 
packets can be tolerated. Rather than causing the application to crash, they would 
just manifest as a glitch in video or a squeak in audio. 

* Application protocols—there are numerous protocols used for network 
configuration, management, and services. Application protocols use a TCP or UDP 
port to connect the client and server. 


ADDRESS RESOLUTION PROTOCOL (ARP) 


When IP is being used with a physical/data link specification such as Ethernet or Wi-Fi, 
there must be a mechanism to deliver messages from IP at the network layer to 
computers addressed at the link layer. Address Resolution Protocol (ARP) finds the 
MAC (network adapter) address associated with an IP address. 


ICMP 


Additionally, you should be aware of the Internet Control Message Protocol (ICMP), 
which works at the network layer. ICMP delivers status and error messages and is used 
by diagnostic utilities such as ping and tracert. 


INTERNET PROTOCOL AND IP ADDRESSING 


The core protocol in TCP/IP is the Internet Protocol (IP), which provides network and 
host addressing and packet forwarding between networks. 


IPv4 PACKET STRUCTURE 

As with a frame, an IP packet adds some headers to whatever transport/application 
layer data it is carrying in its payload. There are two versions of IP: IPv4 and IPv6. We 
will discuss IPv6 later. The main IPv4 headers are as follows: 


Field                    Description 

Source IP address        Identifies the sender of the datagram by IP address. 

Destination IP address   Identifies the destination of the datagram by IP address. 

Protocol                 Indicates whether the data should be passed to UDP or TCP at the destination host. 

Checksum                 Verifies the packet's integrity upon arrival at the destination. 

Time to Live             The number of hops a datagram is allowed to stay on the network before being discarded, otherwise packets could endlessly loop around an internet. A router will decrease the TTL by at least one when it handles the packet. 
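The header fields listed above can be read directly from the first 20 bytes of a packet. The following Python sketch is an added example, not part of the original course text: it parses an IPv4 header, verifies the checksum, and applies the TTL decrement a router performs. The sample header is constructed, and the function names and the 192.0.2.10 documentation address are illustrative assumptions.

```python
import ipaddress
import struct
from typing import Optional

# Protocol field values for the transports named in the table, plus ICMP.
PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}
HEADER_FORMAT = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, network byte order


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, as used by the IPv4 header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src: str, dst: str, protocol: int, ttl: int) -> bytes:
    """Construct a sample 20-byte header (no options) with a valid checksum."""
    header = struct.pack(
        HEADER_FORMAT,
        (4 << 4) | 5,          # version 4, header length 5 x 32-bit words
        0, 20, 0x1234, 0,      # TOS, total length, identification, flags/fragment
        ttl, protocol, 0,      # checksum is zero while it is being computed
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )
    return header[:10] + struct.pack("!H", internet_checksum(header)) + header[12:]


def parse_header(raw: bytes) -> dict:
    """Extract the fields from the table and check the header's integrity."""
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, _, _, _, ttl, proto, _, src, dst = struct.unpack(HEADER_FORMAT, raw[:20])
    header_len = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or header_len < 20 or len(raw) < header_len:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "source": str(ipaddress.IPv4Address(src)),
        "destination": str(ipaddress.IPv4Address(dst)),
        "protocol": PROTOCOLS.get(proto, str(proto)),
        "ttl": ttl,
        # Summing a valid header, checksum field included, yields zero.
        "checksum_ok": internet_checksum(raw[:header_len]) == 0,
    }


def forward(raw: bytes) -> Optional[bytes]:
    """Router behaviour: drop bad or expired packets, else decrement the TTL."""
    info = parse_header(raw)
    if not info["checksum_ok"] or info["ttl"] <= 1:
        return None                         # discarded instead of looping forever
    header_len = (raw[0] & 0x0F) * 4
    header = bytearray(raw[:header_len])
    header[8] = info["ttl"] - 1             # TTL lives at byte offset 8
    header[10:12] = b"\x00\x00"             # checksum must be recomputed
    header[10:12] = struct.pack("!H", internet_checksum(bytes(header)))
    return bytes(header) + raw[header_len:]


if __name__ == "__main__":
    sample = build_header("198.41.16.9", "192.0.2.10", protocol=6, ttl=64)
    print(parse_header(sample))
    print(parse_header(forward(sample)))
```

A header whose TTL byte is altered without recomputing the checksum fails the `checksum_ok` test, which is how a receiving host notices header corruption.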


IPv4 ADDRESS FORMAT 


An IPv4 address is 32 bits long and is used within an IPv4 packet to define the source 
and destination of the packet. In its raw form it appears as: 


11000110001010010001000000001001 


The 32 bits are subdivided into four groups of 8 bits (1 byte) known as octets. The 
above IP address could therefore be rearranged as: 


11000110 00101001 00010000 00001001 


This representation of an IP address makes human memorizing of the number almost 
impossible (much less entering it correctly into configuration dialogs). To make IP 
addresses easier to use, they are usually displayed in dotted decimal notation. This 
notation requires each octet to be converted to a decimal value. The decimal numbers 
are separated using a period. Converting the previous number to this notation gives: 


198.41.16.9


CONVERTING BETWEEN BINARY AND DECIMAL FORMAT


The following examples demonstrate the process of converting between binary and 
decimal notation. The base of any number system tells us two things: how many 
different values any given digit can have and the factor by which the value of a digit 
increases as we move from right to left in a number. Thus, in normal base 10 (or 
decimal) numbers, a digit can take any one of ten different values (0 through 9), and 
the values of the different place positions within a number, moving from right to left, 
are units (ones), tens, hundreds, thousands, and so on. 


In base 2 (binary), digits can only take one of two different values (0 and 1). The place
values are powers of 2 (2^1=2, 2^2=4, 2^3=8, 2^4=16, and so on). Consider the octet
"11101101" represented in base 2. The following figure shows the place value of each
digit in the octet:


128    64     32     16     8      4      2      1
1      1      1      0      1      1      0      1
128*1  64*1   32*1   16*0   8*1    4*1    2*0    1*1


Therefore, the decimal equivalent is: 


128 + 64 + 32 + 0 + 8 + 4 + 0 + 1 = 237 


You can use the same sort of method to convert from decimal to binary. For example, 
the number 199 can be converted as follows: 


199 =

128 + 64 + 0 + 0 + 0 + 4 + 2 + 1

128    64     32     16     8      4      2      1
128*1  64*1   32*0   16*0   8*0    4*1    2*1    1*1
1      1      0      0      0      1      1      1


If all the bits in an octet are set to 1, the number obtained is 255 (the maximum 
possible value). Similarly, if all the bits are set to 0, the number obtained is 0 (the 
minimum possible value). Therefore, theoretically an IPv4 address may be any value 
between 0.0.0.0 and 255.255.255.255. However, some addresses are not permitted or 
are reserved for special use. 


SUBNET MASKS 


An IP address provides two pieces of information encoded within the same value: 


* The network number (network ID)—this number is common to all hosts on the 
same IP network. 

* The host number (host ID)—this unique number identifies a host on a particular IP 
network. 


A subnet mask (or netmask) is used to distinguish these two components within a 
single IP address. It is used to "mask" the host ID portion of the IP address and thereby 
reveal the network ID portion. 


Where there is a binary 1 in the mask, the corresponding binary digit in the IP address
is part of the network ID. The relative sizes of the network and host portions
determine the number of networks and hosts per network a particular addressing
scheme can support.


Many subnetting schemes use one of the default masks. These are masks comprising 
whole octets only. Each default mask is known by a particular "class." 


Class   Dotted Decimal Mask   Network Prefix   Binary Mask
A       255.0.0.0             /8               11111111 00000000 00000000 00000000
B       255.255.0.0           /16              11111111 11111111 00000000 00000000
C       255.255.255.0         /24              11111111 11111111 11111111 00000000


The mask can be expressed in dotted decimal format or as a network prefix. The 
network prefix is simply the number of ones that appear in the mask. 


Note: The 1s in the mask are always contiguous. For example, a mask 11111111
11110000 00000000 00000000 is valid but 11111111 00000000 11110000 00000000 is
not.


MASKING AN IP ADDRESS (ANDing) 

The network ID portion of an IP address is revealed by "ANDing" the subnet mask to 
the IP address. When two 1s are ANDed together, the result is a 1. Any other 
combination produces a 0. 


1 AND 1 = 1 
1 AND 0 = 0 
0 AND 1 = 0 
0 AND 0 = 0 


For example, to determine the network ID of the IP address 172.30.15.12 with a subnet 
mask of 255.255.0.0, the dotted decimal notation of the IP address and subnet mask 
must first be converted to binary notation. The next step is to AND the two binary 
numbers. The result can be converted back to dotted decimal notation to provide the 
network ID (172.30.0.0). 


172. 30. 15. 12   10101100 00011110 00001111 00001100
255.255.  0.  0   11111111 11111111 00000000 00000000
172. 30.  0.  0   10101100 00011110 00000000 00000000


Instead of quoting the mask each time, you could express that network ID with a prefix 
instead: 172.30.0.0/16. 


ROUTING DECISION 


A host can communicate directly on the local network segment with any other host 
that has the same network ID. Communications with a host that has a different 
network ID must be sent via a router. 


When two hosts attempt to communicate via IPv4, the protocol compares the source 
and destination address in each packet against a subnet mask. If the masked portions 
of the source and destination IP addresses match, then the destination interface is 
assumed to be on the same IP network. For example: 


172. 30. 15. 12   10101100 00011110 00001111 00001100
255.255.  0.  0   11111111 11111111 00000000 00000000
172. 30. 16.101   10101100 00011110 00010000 01100101


In the example, IP concludes the destination IPv4 address is on the same IP network 
and would try to deliver the packet locally. 


If the masked portion does not match, IP assumes the packet must be routed to 
another IP network. For example: 


172. 30. 15. 12   10101100 00011110 00001111 00001100
255.255.  0.  0   11111111 11111111 00000000 00000000
172. 31. 16.101   10101100 00011111 00010000 01100101


In this case, IP concludes the destination IPv4 address is on a different IP network and 
would forward the packet to a router rather than trying to deliver it locally. 
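
The binary conversion, ANDing, and routing-decision steps above, as an added Python example (not part of the original course text). Function names are illustrative; the addresses and masks are the ones used in the text.

```python
"""Added example: subnet-mask ANDing and the local-vs-router decision."""


def to_int(dotted):
    """Convert dotted decimal (e.g. '172.30.15.12') to a 32-bit integer."""
    octets = dotted.strip().split(".")
    if len(octets) != 4:
        raise ValueError(f"expected four octets: {dotted!r}")
    value = 0
    for text in octets:
        if not (text.isascii() and text.isdigit()) or int(text) > 255:
            raise ValueError(f"octet must be a number from 0 to 255: {text!r}")
        value = (value << 8) | int(text)
    return value


def to_dotted(value):
    """Convert a 32-bit integer back to dotted decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(dotted):
    """Render an address or mask as four space-separated binary octets."""
    bits = f"{to_int(dotted):032b}"
    return " ".join(bits[i:i + 8] for i in range(0, 32, 8))


def prefix_length(mask):
    """Return the network prefix (number of 1s); reject non-contiguous masks."""
    # A valid mask is a run of 1s followed by a run of 0s, so the inverted
    # mask (the host bits) must have the form 2**n - 1.
    host_bits = ~to_int(mask) & 0xFFFFFFFF
    if host_bits & (host_bits + 1):
        raise ValueError(f"1s in mask are not contiguous: {to_binary(mask)}")
    return 32 - host_bits.bit_length()


def network_id(address, mask):
    """AND the address with the mask; return the result as 'network/prefix'."""
    prefix = prefix_length(mask)
    return f"{to_dotted(to_int(address) & to_int(mask))}/{prefix}"


def routing_decision(source, destination, mask):
    """Compare the masked source and destination, as IP does on the host."""
    same = network_id(source, mask) == network_id(destination, mask)
    return "deliver locally" if same else "forward to router"


def show(source, destination, mask):
    """Print the three-row binary layout used in the text, then the verdict."""
    for value in (source, mask, destination):
        print(f"{value:<16}{to_binary(value)}")
    print(f"-> {routing_decision(source, destination, mask)}\n")


if __name__ == "__main__":
    print(network_id("172.30.15.12", "255.255.0.0"), "\n")
    show("172.30.15.12", "172.30.16.101", "255.255.0.0")
    show("172.30.15.12", "172.31.16.101", "255.255.0.0")
```

A wrong subnet mask on one host changes the outcome of `routing_decision` for that host only, which is why a mistyped mask shows up as one machine that cannot reach some of its neighbors.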
Note: This describes unicast addressing, where a single host is addressed. An address
where the host bits are all "1"s is the broadcast address for a network. A message sent
to a broadcast address is received by all hosts on the network. The broadcast address of
the previous example would be 172.16.255.255.


HOST IP CONFIGURATION 


Each host must be configured with an IP address and subnet mask at a minimum in 
order to communicate on an IPv4 network. This minimum configuration will not prove 
very usable, however. Several other parameters must be configured for a host to make 
full use of a modern network or the Internet. 


IPv4 ADDRESS AND SUBNET MASK 


An IPv4 address and subnet mask can be set manually (static address). The IP address 
is entered as four decimal numbers separated by periods (e.g., 172.30.15.12). The IP 
address identifies both the network to which the interface is attached and also its 
unique identity on that network. An interface must be configured with an IP address. 


The subnet mask is used in conjunction with the IP address to determine whether 
another interface is located on a local or remote network. An interface must be 
configured with a subnet mask. 


DEFAULT GATEWAY 


The default gateway parameter is the IP address of a router to which packets 
destined for a remote network should be sent by default. This setting is not 
compulsory but failure to enter a gateway would limit the interface to communication 
on the local network only. 


CLIENT-SIDE DNS 

Another important part of IP configuration is specifying the IP address of one or more 
Domain Name System (DNS) servers. These servers provide resolution of host and 
domain names to their IP addresses and are essential for locating resources on the 
Internet. Most local networks also use DNS for name resolution. Typically, the DNS 
server would be the gateway address, though this may not be the case on all networks. 
Often two DNS server addresses (preferred and alternate) are specified for 
redundancy. 


STATIC AND DYNAMIC IP ADDRESSES 


Using static addressing requires that an administrator visit each computer to manually 
enter the configuration information for that host. If the host moves to a different 
subnet, the administrator must manually reconfigure it. The administrator must keep 
track of which IP addresses have been allocated to avoid issuing duplicates. In a large 
network, configuring IP statically on each node can be very time consuming and prone 
to errors that can potentially disrupt communication on the network. 


Static addresses are typically only assigned to systems with a dedicated functionality, 
such as router interfaces, network-attached printers, or servers that host applications 
on a network. 


DHCP 


When an interface is given a static configuration manually, the installer may make a 
mistake with the address information—perhaps duplicating an existing IP address or 
entering the wrong subnet mask—or the configuration of the network may change, 
requiring the host to be manually configured with a new static address. To avoid these 
problems, a Dynamic Host Configuration Protocol (DHCP) Server can be used to 
allocate an IP address and subnet mask (plus other settings) dynamically. 
The computer contacts the DHCP server as it starts up and is allocated a lease for an IP
address. Settings such as default gateway and DNS server addresses may be passed to 
the computer at the same time. If the address information needs to change, this can 
be done on the DHCP server, and clients will update themselves automatically when 
they seek a new lease (or a new lease can be requested manually). 


Note: The DHCP client communicates with the server using broadcast communications 
so there is no need to configure a DHCP server address. 


DHCP: a DHCP server making IP address assignments (192.168.100.150, 192.168.100.151,
192.168.100.152, 192.168.100.153). (Image © 123RF.com.)


LINK LOCAL ADDRESSING/APIPA 


Hosts also have a "fallback" mechanism for when the computer is configured to use a 
DHCP server but cannot contact one. In this scenario, the computer selects an address 
at random from the range 169.254.1.0 to 169.254.254.255. Microsoft calls this 
Automatic Private IP Addressing (APIPA). When a host is using an APIPA address, it 
can communicate with other hosts on the same network that are using APIPA, but 
cannot reach other networks or communicate with hosts that have managed to obtain 
a valid DHCP lease. 


Note: "APIPA" is Microsoft's term. Other vendors and open source products use the term 
"link local" instead. 


DHCP RESERVATIONS 


It is often useful for a host to use the same IP address. Servers, routers, printers, and 
other network infrastructure can be easier to manage if their IP addresses are known. 
One option is to use static addressing for these appliances, but this is difficult to 
implement. Another option is to configure the DHCP server to reserve a particular IP 
address for that device. The DHCP server is configured with a list of the MAC addresses 
of hosts that should receive the same IP address. When it is contacted by a host with 
one of the listed MAC addresses, it issues a lease for the reserved IP address. 

Note: The main drawback of this method is that if the DHCP server fails, then critical
network devices might fail to obtain IP addresses. 


PUBLIC AND PRIVATE IP ADDRESSES 


To communicate on the Internet, a host must obtain a unique public IP address. 
Typically this is allocated by an Internet Service Provider. Relatively few companies can 
obtain sufficient public IP addresses for all their computers to communicate over the 
Internet, however. There are various mechanisms to work around this issue. 


PRIVATE ADDRESSING 

The IP address scheme defines certain ranges as private addresses. These ranges are 
defined by RFC 1918 and are sometimes referred to as RFC 1918 addresses. Hosts with 
IP addresses from these ranges are not allowed to route traffic over the Internet. Use 
of the addresses is confined to private LANs. There are three private address ranges, 
each associated with one of the default subnet masks: 


* 10.0.0.0 to 10.255.255.255 (Class A private address range). 

* 172.16.0.0 to 172.31.255.255 (Class B private address range). 

* 192.168.0.0 to 192.168.255.255 (Class C private address range). 

* 169.254.0.0 to 169.254.255.255 (APIPA/link-local autoconfiguration). As discussed 
earlier, this range is used by hosts for autoconfiguration when a DHCP server 
cannot be contacted (selecting a link-local address). 


Internet access can be facilitated for hosts using the private addressing scheme in two
ways:

* Through a router configured with a single or block of valid public addresses; the 
router translates between the private and public addresses using Network Address 
Translation (NAT). 

* Through a proxy server that fulfills requests for Internet resources on behalf of 
clients. 


NETWORK ADDRESS TRANSLATION 


Most hosts on private networks are not configured with IP addresses that can 
communicate directly to the Internet. Instead, when clients on the local network 
connect via a router, the router converts the client's private IP address into a valid 
public address using Network Address Translation (NAT). 


A NAT address pool supports multiple simultaneous connections but is still limited by 
the number of available public IP addresses. Smaller companies may only be allocated 
a single or small block of addresses by their ISP. In this case, a means for multiple 
private IP addresses to be mapped onto a single public address would be useful, and 
this is exactly what is provided by Network Address Port Translation (NAPT), which 
is also referred to as Port Address Translation (PAT) or as NAT overloading. 


NAT overloading. (Image © 123RF.com.)


NAPT works by allocating each new connection a high level TCP or UDP port. For 
example, say two hosts (10.0.0.101 and 10.0.0.103) initiate a web connection at the 
same time, requesting responses on the client (or source) port 1024. The NAPT service 
creates two new client port mappings for these requests (10.0.0.101:60101 and 
10.0.0.103:60103). It then substitutes the private source IPs for a single public source IP 
(217.45.253.5) and forwards the requests to the public Internet. It performs a reverse 
mapping on any traffic returned to those client ports, inserting the original private IP 
address and client port number, and forwarding the packets to the internal hosts. 
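
The port-mapping exchange described above, as an added Python example (not part of the original course text). The `NaptTable` class, the server address 192.0.2.80, and the port pool are constructed for illustration; real routers choose public ports by their own policy.

```python
"""Added example: a toy NAPT (PAT) translation table."""
from collections import namedtuple

Packet = namedtuple("Packet", "proto src_ip src_port dst_ip dst_port")


class NaptTable:
    """Maps many private (IP, port) pairs onto ports of one public IP."""

    def __init__(self, public_ip, port_pool=range(49152, 65536)):
        self.public_ip = public_ip
        self._free_ports = iter(port_pool)
        self._out = {}  # (proto, private_ip, private_port) -> public_port
        self._in = {}   # (proto, public_port) -> (private_ip, private_port)

    def outbound(self, pkt):
        """Rewrite the source of a packet leaving the private network."""
        key = (pkt.proto, pkt.src_ip, pkt.src_port)
        if key not in self._out:
            try:
                public_port = next(self._free_ports)
            except StopIteration:
                # Every public port is in use: no new connections possible.
                raise RuntimeError("NAPT port pool exhausted") from None
            self._out[key] = public_port
            self._in[(pkt.proto, public_port)] = (pkt.src_ip, pkt.src_port)
        return pkt._replace(src_ip=self.public_ip, src_port=self._out[key])

    def inbound(self, pkt):
        """Reverse-map a reply; return None when no mapping exists."""
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self._in.get((pkt.proto, pkt.dst_port))
        if entry is None:
            return None  # no internal host opened this port, so drop it
        private_ip, private_port = entry
        return pkt._replace(dst_ip=private_ip, dst_port=private_port)


def demo():
    """Replay the two-host scenario from the text."""
    # Pool constructed so the allocated ports match the text (60101, 60103).
    nat = NaptTable("217.45.253.5", port_pool=range(60101, 60200, 2))
    web = ("192.0.2.80", 80)  # constructed web server address
    a = nat.outbound(Packet("tcp", "10.0.0.101", 1024, *web))
    b = nat.outbound(Packet("tcp", "10.0.0.103", 1024, *web))
    # The server replies to the public address and the mapped port.
    reply_b = nat.inbound(Packet("tcp", *web, "217.45.253.5", b.src_port))
    # A packet aimed at a port nobody inside opened has no mapping.
    stray = nat.inbound(Packet("tcp", *web, "217.45.253.5", 60199))
    return a, b, reply_b, stray


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Both internal hosts used source port 1024, yet the replies are told apart by the public port alone; traffic arriving on a port with no table entry has no internal destination.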


VIRTUAL PRIVATE NETWORKS 


A Virtual Private Network (VPN) connects the components and resources of two 
(private) networks over another (public) network. The Internet provides a cost effective 
way of connecting both users to networks and networks to networks. Rather than a 
user direct-dialing your server, which is private but expensive, the user connects to an 
ISP, which is cheap, but public. 


A VPN is a "tunnel" through the Internet (or any other public network). It uses special 
connection protocols and encryption technology to ensure that the tunnel is secure 
and the user is properly authenticated. Once the connection has been established, to 
all intents and purposes, the remote computer becomes part of the local network 
(though it is still restricted by the bandwidth available over the WAN link). 


A typical VPN configuration. (Image © 123RF.com.)


IPv6 


The addressing scheme discussed earlier is for IP version 4. Because it is feared the 
global supply of IPv4 addresses will run out, a new version of IP addressing, IP Version 
6, has been developed. An IPv6 address is a 128-bit number (contrast with the 32-bit
number used in v4). This massively increases the pool of available addresses
compared to IPv4.


IPv6 also includes new efficiency features, such as simplified address headers, 
hierarchical addressing, support for time-sensitive network traffic, and a new structure 
for unicast addressing. 


BINARY AND HEXADECIMAL NOTATION 


Network addresses are represented as binary values when processed by the computer 
but because binary has only two values for each position and the values for IPv6 
addresses are very large, this would require a long string of characters to write out. 
This is difficult enough to read but even harder to type accurately into configuration 
dialogs. 


Binary values are converted to decimal for IPv4 addresses but as IPv6 addresses are so 
much longer, hexadecimal notation is used. Hexadecimal has 16 characters (0...9 plus 
A, B, C, D, E, F). Therefore, it only takes 1 hexadecimal character to represent 4 binary 
characters. The following table summarizes the equivalent representations of decimal 
values from 0-15 in binary and hex. 


Decimal   Hexadecimal   Binary
0         0             0000
1         1             0001
2         2             0010
3         3             0011
4         4             0100
5         5             0101
6         6             0110
7         7             0111
8         8             1000
9         9             1001
10        A             1010
11        B             1011
12        C             1100
13        D             1101
14        E             1110
15        F             1111


IPv6 ADDRESS NOTATION


To express a 128-bit IPv6 address in hexadecimal notation, the binary address is 
divided into eight double-byte (16-bit) values delimited by colons. For example: 


2001:0db8:0000:0000:0abc:0000:def0:1234 


Even this is quite cumbersome, so where a double-byte contains leading zeros, they 
can be ignored. In addition, one contiguous series of zeroes can be replaced by a 
double colon place marker. Thus, the address above would become: 


2001:db8::abc:0:def0:1234 


IPv6 ADDRESSING SCHEMES 


An IPv6 address is divided into two main parts: the first 64 bits are used as a network 
ID while the second 64 bits designate a specific interface. 


Network ID Interface ID 


64-bit 64-bit 


In IPv6, the interface identifier is always the last 64 bits; the first 64 bits are used for network 
addressing. (Image © 123RF.com.) 


As the network and host portions are fixed size, there is no need for a subnet mask. 
Network addresses are written using prefix notation, where /nn is the length of the 
routing prefix in bits. Within the 64-bit network ID, the length of any given network 
prefix is used to determine whether two addresses belong to the same IP network. 


GLOBALLY UNIQUE UNICAST ADDRESSING 

As with IPv4, a unicast address identifies a single network interface. The main types of
unicast addressing are global and link-local. A global address is one that is unique on
the Internet (equivalent to public addresses in IPv4). Global unicast addresses have the
following format:

* The first 3 bits indicate that the address is within the global scope. In hex notation, a
global unicast address will start with either "2" or "3."

* The next 45 bits are allocated in a hierarchical manner to regional registries and
from them to ISPs and end users.

* The next 16 bits identify site-specific subnet addresses.

* The final 64 bits are the interface ID. The interface ID is either generated from the 
adapter's MAC address (padded with extra bits to make it 64 bits in length) or is 
randomly generated. 


Global Routing Prefix                Interface ID
3-bit   45-bit   16-bit              64-bit

IPv6 global unicast address format. (Image © 123RF.com.)


In IPv6, address blocks are automatically assigned hierarchically by routers. Top-level 
routers have top-level address blocks, which are automatically divided and assigned as 
routers and segments are added. This divides the address space as a logical hierarchy, 
compared to the ad-hoc address-space management procedures that were developed 
for IPv4, making it easier to manage. 


LINK-LOCAL ADDRESSING 

Link-local addresses are used by IPv6 for network housekeeping traffic. Link-local 
addresses span a single subnet (they are not forwarded by routers). Nodes on the 
same link are referred to as neighbors. In hex notation, link-local addresses start with
fe80::


10-bit 54-bit 64-bit

IPv6 link-local unicast address format. (Image © 123RF.com.)


The equivalent in IPv4 is Automatic Private IP Addressing (APIPA) and its 169.254.0.0
addresses. However, unlike IPv4, an IPv6 host is always configured with link-local
addresses (one for each link), even if it also has a globally unique address.


Activity 6-5


Discussing Network Configuration Concepts


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What is the difference between a router and a modem? 


2. Protocols within the TCP/IP suite (and products supporting TCP/IP networks) are 
conceived as working at one of four layers. 


What are those four layers called? 


3. What is meant by dotted decimal notation? 


4. When is a default gateway required? 


5. A host is configured with the IP address 192.168.1.10/24.


What is the host's subnet mask? 


6. What is the purpose of a DHCP server?


7. What is special about an IP address that starts 169.254? 


8. A host is configured with the IP address 172.29.0.101.


What is significant about this address? 


9. What is the function of NAT? 


10. Apart from its length, what is the main difference between the structure of 
an IPv4 address and an IPv6 address? 


Topic F


Network Services 


EXAM OBJECTIVES COVERED 
1001-2.1 Compare and contrast TCP and UDP ports, protocols, and their purposes.


1001-2.5 Summarize the properties and purposes of services provided by networked 
hosts. 


In the previous topics, you explored the network hardware and protocols that facilitate 
the process of making connections between hosts and networks, including Internet 
connections. In this topic, you will move on to examine the various ports and protocols 
that are used to provide application services. 


Properly configuring the ports of a network device and selecting the right protocol will 
ensure that data gets transmitted over the network. As a CompTIA A+ technician, you 
must understand how ports and protocols are implemented within a network and how 
they function to provide the right level of data transmission while keeping data secure. 


TCP AND UDP PORTS 


The protocols we have looked at so far are primarily concerned with moving frames 
and packets between nodes and networks. At the link/physical layer, Ethernet allows 
nodes to send one another frames of data using MAC addresses. These frames would 
typically be transporting IP packets. At the network layer, IP provides addressing and 
routing functionality for a network of networks (or internetwork). 


Protocols at the transport layer, one up from the network layer, are concerned with 
effective delivery. At the transport layer, the content of the packets starts to become 
significant. 


Any given host on a network will be communicating with many other hosts using many 
different types of networking data. One of the critical functions of the transport layer is 
to identify each type of network application. It does this by assigning each application a 
port number between 0 and 65535. For example, data addressed to the HTTP web 
browsing application can be identified as port 80 while data requesting an email 
application service can be identified as port 143. At the transport layer, on the sending 
host, data from the upper layers is packaged as a series of segments and each 
segment is tagged with the application's port number. The segment is then passed to 
the network layer for delivery. The host could be transmitting multiple HTTP and email 
segments at the same time. These are multiplexed using the port numbers onto the 
same network link. 


Note: In fact, each host assigns two port numbers. On the client, the destination port
number is mapped to the service that the client is requesting (HTTP on port 80, for
instance). The client also assigns a random source port number (47747, for instance). The
server uses this client-assigned port number (47747) as the destination port number for
its replies and its application port number (80 for HTTP) as its source port. This allows the
hosts to track multiple "conversations" for the same application protocol.


At the network and data link layers, the port number is not significant—it becomes part
of the data payload and is "invisible" to routers and switches working at the network
and data link layers. At the receiving host, each segment is extracted from its frame
and then identified by its port number and passed up to the relevant handler at the
application layer.


TCP VERSUS UDP 


The transport layer is also responsible for ensuring reliable data delivery so that 
packets arrive error-free and without loss. The transport layer can overcome lack of 
reliability in the lower level protocols. This reliability is achieved by the Transport 
Control Protocol (TCP) using acknowledgement messages that inform the sender the 
data was successfully received. 


The kinds of problems that may occur during the delivery of the data are non-delivery 
and delivery in a damaged state. In the first case, the lack of acknowledgement results 
in the retransmission of the data and, in the second case, a Negative 
Acknowledgement (NACK) forces retransmission. TCP is described as
connection-oriented, because it ensures the reliability and sequencing of messages
passing over the connection.


On the other hand, sometimes it is more important that communications be faster 
than they are reliable. The acknowledgements process of TCP adds a lot of overhead. 
The User Datagram Protocol (UDP) is a connectionless, non-guaranteed method of 
communication with no sequencing or flow control. There is no guarantee regarding 
the delivery of messages or the sequence in which packets are received. UDP is 
suitable for applications that do not require acknowledgement of receipt and can 
tolerate missing or out-of-order packets. It may be used for applications that transfer 
time-sensitive data but do not require complete reliability, such as voice or video. The 
reduced overhead means that delivery is faster. If necessary, the application layer can 
be used to control delivery reliability. 


WELL-KNOWN PORTS 


Any application or process that uses TCP or UDP for its transport, such as HTTP for 
web services or POP3 for email, is assigned a unique identification number called a 
port. The server and client applications use different ports. For example, a client may 
contact an HTTP server at IP address 77.72.206.10 on port 80 (77.72.206.10:80). The 
HTTP server would respond to the client on a temporary (or ephemeral) port number 
that the client has opened for that purpose (47747, for instance). 


Server port numbers are assigned by the Internet Assigned Numbers Authority (IANA). 
Some of the "well-known" port numbers are listed in the following table. 


Port #    TCP/UDP    Process      Description

20        TCP        ftp-data     File Transfer Protocol - Data
21        TCP        ftp          File Transfer Protocol - Control
22        TCP        ssh          Secure Shell
23        TCP        telnet       Telnet
25        TCP        smtp         Simple Mail Transfer Protocol
53        TCP/UDP    domain       Domain Name System
67        UDP        bootps       BOOTP/DHCP Server
68        UDP        bootpc       BOOTP/DHCP Client
80        TCP        http         HTTP
110       TCP        pop3         Post Office Protocol
123       UDP        ntp          Network Time Protocol
137-139   UDP/TCP    netbt        NetBIOS over TCP/IP
143       TCP        imap4        Internet Mail Access Protocol
161       UDP        snmp         Simple Network Management Protocol
162       UDP        snmp-trap    Simple Network Management Protocol Trap
389       TCP        ldap         Lightweight Directory Access Protocol
427       TCP        slp          Service Location Protocol
443       TCP        https        HTTP Secure
445       TCP        smb          Server Message Block/Common Internet File System
548       TCP        afp          Apple Filing Protocol
3389      TCP        rdp          Remote Desktop Protocol

IANA defines the ephemeral port range as 49152 to 65535, but some operating 
systems use different values. 


Enabling and disabling ports is an important part of configuring a firewall, to ensure 
that only valid application protocols are allowed. 


The TCP/IP suite encompasses a large number and wide range of protocols. Some of 
the principal protocols amongst these are discussed in the following sections. 


DNS 


The Domain Name System (DNS) is a hierarchical system for resolving names to IP 
addresses. It uses a distributed database that contains information on domains and 
hosts within those domains. The information is distributed among many name servers, 
each of which holds part of the database. The distributed nature of the system has the 
twin advantages that maintenance of the system is delegated and loss of one DNS 
server does not prevent name resolution from being performed. 


At the top of the DNS hierarchy is the root, which is often represented by a period (.). 
There are 13 root level servers (A to M). Immediately below the root lie the Top Level 
Domains (TLDs). There are several types of top level domain, but the most prevalent 
are generic (.com, .org, .net, .info, .biz), sponsored (.gov, .edu), and country code
(.uk, .ca, .de).


The domain name system is operated by ICANN (icann.org), who also manage the 
generic top level domains. Country codes are generally managed by an organization 
appointed by the relevant government. Each domain name has to be registered with a 
Domain Name Registry for the appropriate top level domain. 


Information about a domain is found by tracing records from the root down through 
the hierarchy. The root servers have complete information about the top level domain 
servers. In turn, these servers have information relating to servers for the second level 
domains. 


No name server has complete information about all domains. Records within the DNS 
tell them where the missing information is found. 


DNS hierarchy, showing www.grommet.com and www.widget.com. (Image © 123RF.com.)


FULLY QUALIFIED DOMAIN NAME 

The full name of any host is called its Fully Qualified Domain Name (FQDN). FQDNs 
reflect the hierarchy, from most specific (the host) to least specific (the top level 
domain followed by the root). For example: www.widget.com. 


The structure of a FQDN follows a fixed hierarchy, with the top level of the hierarchy 
shown to the right of the name. Each part of the name (a label) is separated by period 
characters (full stops). Any given label can consist of letters, numbers, and hyphens 
(though it cannot start with a hyphen). 


The domain name identifies a company, organization, or even an individual. The name 
has to be unique and officially registered (a process that is normally handled by your 
ISP). 


Host names and local domains are specified within the organization (for example, to 
identify a server located in the sales department of a company). The www host name is 
a common alias to indicate that the resource is a web server. 


store.gtslearning.com 


www.courseware.co.uk 


Parts of two FQDNs with 1) Top level domain; 2) Subdomain; 3) Host name. (Image © 123RF.com.) 


DNS SERVERS


Different types of DNS servers are used by private organizations: 


* Authoritative name server—this type of DNS server holds domain records and 
can respond authoritatively to requests for information about hosts in the 
domain(s) it manages. On a private network, such as an Active Directory (AD) 
domain, a name server must be running to host the AD DNS records. These records 
would not be made publicly available outside the LAN. On the Internet, public 
information about a domain, such as the location of its web and email servers, will 
be published to a name server. These are usually hosted by ISPs. 

* Recursive resolver—when a client application wants to resolve a name or FQDN, it
uses a recursive resolver to perform the query. The resolver contacts name servers 
in the DNS hierarchy until it either locates the requested record or times out. When 
you configure a DNS server on a client, it is usually the address of a resolver that 
you are entering. 


Note: On a private network, the same DNS server is likely to be identified for both
functions. For example, an AD DNS server might both host the DNS records and provide
name resolution for other Internet domain requests (typically by forwarding them to
another server). Alternatively, the network might use client-facing forwarding-only servers
whose only purpose is to select the best DNS server to answer a particular request and
forward it on.


A DNS server is usually configured to listen for queries on UDP port 53. 
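
The referral walk a recursive resolver performs can be simulated offline. This is an added example, not part of the course material; the server names, delegation table, and addresses are constructed for illustration.

```python
# Constructed delegation data. Server names and addresses are invented for
# illustration; the IPs come from the reserved documentation ranges.
ROOT = "root-server"
SERVERS = {
    "root-server": {"delegations": {"com": "com-tld-server"}, "records": {}},
    "com-tld-server": {
        "delegations": {"widget.com": "ns.widget.com",
                        "grommet.com": "ns.grommet.com"},
        "records": {},
    },
    "ns.widget.com": {"delegations": {},
                      "records": {"www.widget.com": "192.0.2.10"}},
    "ns.grommet.com": {"delegations": {},
                       "records": {"www.grommet.com": "198.51.100.20"}},
}


def find_delegation(server, name):
    """Return the server delegated the longest matching parent domain."""
    labels = name.split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in SERVERS[server]["delegations"]:
            return SERVERS[server]["delegations"][suffix]
    return None


def resolve(fqdn, max_queries=8):
    """Walk from the root to an authoritative server, as a resolver does.

    Returns (address_or_None, servers_queried). Raises TimeoutError when the
    query budget runs out, standing in for the resolver timing out.
    """
    name = fqdn.rstrip(".").lower()       # FQDNs are not case sensitive
    server, queried = ROOT, []
    for _ in range(max_queries):
        queried.append(server)
        records = SERVERS[server]["records"]
        if name in records:               # authoritative answer found
            return records[name], queried
        next_server = find_delegation(server, name)
        if next_server is None:           # no record and nobody else to ask
            return None, queried
        server = next_server              # follow the referral down a level
    raise TimeoutError(f"gave up on {name} after {max_queries} queries")


if __name__ == "__main__":
    for host in ("www.widget.com.", "WWW.GROMMET.COM", "mail.widget.com"):
        print(host, "->", resolve(host))
```

No single server in the table holds the whole answer: the root only knows who handles com, and the com server only knows who handles widget.com.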


WEB SERVERS AND HTTP/HTTPS 


A web server is one that provides client access using the HyperText Transfer Protocol 
(HTTP) or its secure version (HTTPS). 


HTTP AND HTML 

HyperText Transfer Protocol (HTTP) is the basis of the World Wide Web. HTTP 
enables clients (typically web browsers) to request resources from an HTTP server. A 
client connects to the HTTP server using its TCP port (the default is port 80) and 
submits a request for a resource, using a Uniform Resource Locator (URL). The 
server acknowledges the request and returns the data. 


Typically, an organization will lease a server or space on a server from an ISP. Larger 
organizations with their own Internet Point-of-Presence may host websites themselves. 
Web servers are not only used on the Internet, however. Private networks using web 
technologies are described as intranets (if they permit only local access) or extranets 
(if they permit remote access). 


HTTP is usually used to serve HyperText Markup Language (HTML) web pages, which 
are plain text files with coded tags describing how the page should be formatted. A 
web browser can interpret the tags and display the text and other resources 
associated with the page (such as picture or sound files). Another powerful feature is 
its ability to provide hyperlinks to other related documents. HTTP also features forms 
mechanisms (GET and POST) whereby a user can submit data from the client to the 
server. 


The functionality of HTTP servers is often extended by support for scripting and 
programmable features (web applications). 


UNIFORM RESOURCE LOCATOR 

Resources on the Internet are accessed using an addressing scheme known as a 
Uniform Resource Locator (URL). A URL contains all the information necessary to 
identify and access an item. For example, a URL for an HTTP resource might contain 
the following elements: 

* The protocol describes the access method or service type being used.

* The host location is usually represented by a Fully Qualified Domain Name (FQDN). 
The FQDN is not case sensitive. The host location can also be an IP address; an IPv6 
address must be enclosed in square brackets. 

* The file path specifies the directory and file name location of the resource (if
required). The file path may or may not be case-sensitive, depending on how the 
server is configured. 


http://store.gtslearning.com/comptia/index.htm 


URL with 1) Protocol; 2) FQDN; 3) File path. (Image © 123RF.com.) 


SSL/TLS 


One of the critical problems for the provision of early e-commerce sites was the lack of 
security in HTTP. Under HTTP, all data is sent unencrypted and there is no 
authentication of client or server. Secure Sockets Layer (SSL) was developed by 
Netscape and released as version 3.0 in 1996 to address these problems. SSL proved 
very popular with the industry and is still in widespread use. Transport Layer Security 
(TLS) was developed from SSL and ratified as a standard by IETF. TLS is now the 
product in active development, with 1.2 as the latest version. 

SSL/TLS is typically used with the HTTP application (referred to as HTTPS or HTTP Over 
SSL or HTTP Secure) but can also be used to secure other TCP/IP application protocols. 
TLS can also be used with UDP applications, referred to as Datagram Transport Layer 
Security (DTLS). Some VPN solutions depend on the use of DTLS. 


Note: HTTPS operates over port 443 by default. HTTPS operation is indicated by using 
https:// for the URL and by a padlock icon shown in the browser. 


The basic function of TLS is: 


1. A server is assigned a digital certificate by some trusted Certificate Authority. 

2. The certificate proves the identity of the server (assuming that the client trusts the 
Certificate Authority). 

3. The server uses the digital certificate and the SSL/TLS protocol to encrypt 
communications between it and the client. 


This means that the communications cannot be read or changed by a third party. 


Note: It is also possible to install a certificate on the client so that the server can trust the 
client. This is not often used on the web but is a feature of VPNs. 


MAIL SERVERS 


Email is a messaging system that can be used to transmit text messages and binary file 
attachments encoded using Multipurpose Internet Mail Extensions (MIME). Email 
can involve the use of multiple protocols. The following process illustrates how an 
email message is sent from a typical corporate mail gateway (using the Microsoft 
Exchange mail server) to a recipient with subscriber Internet access: 


1. The email client software on the sender's computer (sender@515support.com) 
sends the message to the Exchange email server using Microsoft's Message 
Application Programming Interface (MAPI) protocol. The mail server puts the 
message in a queue, waiting for the next Simple Mail Transfer Protocol (SMTP) 
session to be started. SMTP uses TCP port 25 by default. 


2. When the Exchange SMTP server starts to process the queue, it first contacts a 
DNS server to resolve the recipient's address (for example, 
recipient@othercompany.com) to an IP address for the othercompany.com email 
server, listed as a Mail Exchanger (MX) record in DNS. 

3. It then uses SMTP to deliver the message to this email server. The delivery usually 
requires several "hops"; for example, from the mail gateway to the sender's ISP, 
then to the recipient's ISP. The hops taken by a message as it is delivered over the 
Internet are recorded in the message header. 

4. The message is put in the message store on the recipient's mail server. To retrieve 
it, the recipient uses his or her mail client software to connect with the mailbox on 
the server, using the Post Office Protocol (POP3) on TCP port 110 or Internet 
Message Access Protocol (IMAP) on TCP port 143. POP3 is more widely 
implemented, but IMAP provides extra features, such as support for mail folders 
other than inbox on the server and calendar functionality. 


Note: Email communications between a client and server would normally be protected 
with SSL/TLS security. The default port numbers for these are 587 (SMTPS), 993 (IMAPS), 
and 995 (POP3S). 
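
The hops recorded in the message header (step 3) can be read back with Python's standard email module. This is an added example, not part of the course material: the message is constructed, and every host name outside 515support.com and othercompany.com is invented.

```python
import re
from collections import namedtuple
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed message; addresses are from the reserved documentation ranges.
RAW_MESSAGE = """\
Received: from smtp.recipient-isp.example ([203.0.113.9])
    by mail.othercompany.com with ESMTP id C3;
    Mon, 04 Mar 2019 10:00:09 +0000
Received: from smtp.sender-isp.example ([198.51.100.7])
    by smtp.recipient-isp.example with ESMTP id B2;
    Mon, 04 Mar 2019 10:00:04 +0000
Received: from mailgw.515support.com ([192.0.2.25])
    by smtp.sender-isp.example with ESMTP id A1;
    Mon, 04 Mar 2019 10:00:01 +0000
From: sender@515support.com
To: recipient@othercompany.com
Subject: Quarterly figures

Report attached.
"""

Hop = namedtuple("Hop", "sender receiver time delay_seconds chain_ok")
HOP_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+)", re.IGNORECASE)


def trace_hops(raw_message):
    """Return the Received hops oldest-first.

    delay_seconds is the time since the previous hop; chain_ok is False when
    a hop's 'from' host does not match the previous hop's 'by' host.
    """
    msg = message_from_string(raw_message)
    hops = []
    # Each server prepends its own header, so the list is newest-first.
    for value in reversed(msg.get_all("Received", [])):
        text = " ".join(value.split())          # unfold continuation lines
        match = HOP_RE.search(text)
        if not match or ";" not in text:
            continue                            # not a header we can parse
        try:
            when = parsedate_to_datetime(text.rsplit(";", 1)[1].strip())
        except (TypeError, ValueError):
            continue                            # unreadable timestamp
        sender, receiver = (host.lower() for host in match.groups())
        if hops:
            delay = (when - hops[-1].time).total_seconds()
            chain_ok = sender == hops[-1].receiver
        else:
            delay, chain_ok = None, True
        hops.append(Hop(sender, receiver, when, delay, chain_ok))
    return hops


if __name__ == "__main__":
    for hop in trace_hops(RAW_MESSAGE):
        flag = "" if hop.chain_ok else "  <-- does not follow previous hop"
        print(f"{hop.sender} -> {hop.receiver} (+{hop.delay_seconds}s){flag}")
```

Only the headers added by servers you control can be trusted; a break in the chain is a prompt to look closer, not proof of forgery.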


To configure an email account, you need the username, password, and default email 
address, plus incoming and outgoing server addresses and protocol types from the 
ISP. 




Configuring an email account. The incoming server is either POP3 or IMAP while the outgoing server is 
SMTP. (Screenshot used with permission from Microsoft.) 


Internet email addresses follow the mailto URL scheme. An Internet email address 
comprises two parts—the username (local part) and the domain name, separated by 
an @ symbol. The domain name may refer to a company or an ISP; for example, 
david.martin@comptia.org or david.martin@aol.com. 

Different mail systems have different requirements for allowed and disallowed
characters in the local part. The local part is supposed to be case-sensitive, but most 
mail systems do not treat it as such. An incorrectly addressed email will be returned 
with a message notifying that it was undeliverable. Mail may also be rejected if it is 
identified as spam or if there is some other problem with the user mailbox (such as the 
mailbox being full). 


Of course, there are many more network communication types than email. Network 
services are equally likely to support Voice over IP, videoconferencing, messaging, and 
integration with social media. 


FILE AND PRINTER SHARING 


One of the core network functions is to provide shared access to disk and print 
resources. These services may be performed using proprietary protocols, such as File 
and Print Services for Windows Networks. A file server could also be implemented 
using standard protocols, such as File Transfer Protocol (FTP), though this lacks a lot of 
the functionality of Windows file services. 


SERVER MESSAGE BLOCK (SMB)/COMMON INTERNET FILE SYSTEM 
(CIFS) 

Server Message Block (SMB) is the application protocol underpinning file and printer 
sharing on Windows networks. In all supported versions of Windows, version 2 of the 
protocol is used (SMB2), though there is support for legacy Windows clients. SMB 
usually runs directly over TCP on port 445 but can also run as part of NetBIOS over 
TCP/IP, over UDP and TCP in the port range 137-139. The Samba software package 
implements the protocol for Linux computers, enabling them to share and access 
resources on an otherwise Windows-based network. SMB is also sometimes referred 
to as the Common Internet File System (CIFS). 


APPLE FILING PROTOCOL (AFP) 

The Apple Filing Protocol (AFP) performs a similar file sharing function to SMB but for
Apple networks running Mac OS. AFP is associated with the use of two ports:

* UDP or TCP port 427—this is a port running the Service Location Protocol, used to
advertise the availability of file shares. It is not required by later versions of OS X 
(10.2 and up). 

* TCP port 548—this is the main port used by AFP. 


Note: Apple is phasing out support for AFP in favor of its own version of SMB2 (SMBX).


FILE TRANSFER PROTOCOL (FTP) 

The File Transfer Protocol (FTP) was one of the earliest protocols used on TCP/IP 
networks and the Internet. As its name suggests, it allows a client to upload and 
download files from a remote server. It is widely used to upload files to websites. Also, 
if you have existing files that you want to make available to remote users, FTP is a 
simple service to install and maintain. Files made available through FTP can be in any 
format, including document, multimedia, or application files. 

FTP is associated with the use of TCP port 21 to establish a connection and either TCP 
port 20 to transfer data in "active" mode or a server-assigned port in "passive" mode. 


The FTP client may take a number of forms: 


* Most installations of TCP/IP include a command-line client interface. The commands 
put and get are used to upload and download files, respectively. 

* Dedicated GUI clients allow you to connect to servers, browse directories, and
upload and download files.

* Internet browsers allow you to connect to an FTP service and download files. You
use another type of URL to connect to an FTP server; for example,
ftp://ftp.microsoft.com/.




Configuring a site in an FTP client. (Screenshot used with permission from Microsoft.) 


Note: Plain FTP is unencrypted and so poses a high security risk. Passwords for sites are
submitted in plaintext. There are ways of encrypting FTP sessions (FTPS and SFTP),
however, and it is the encrypted services that are most widely used now.


NETWORK HOST SERVICES 


The purpose of a network is to make host services available. There are many 
categories of network service, but some of the most important roles are described 
here. 


AUTHENTICATION SERVER 

Most networks have some sort of access control system to prevent unauthorized users 
(and devices) from connecting. In a Windows homegroup, for example, the access 
control method is a simple password, shared with all authorized users. Enterprise 
networks use authentication servers to configure user accounts and authenticate the 
subjects trying to use those accounts. On a Windows domain, the user database and 
authentication service is provided by Active Directory, using a mechanism based on the 
Kerberos protocol. 

You are also likely to come across the terms AAA server and RADIUS server. An
Authentication, Authorization, and Accounting (AAA) server is one that consolidates 
authentication services across multiple access devices, such as switches, routers, and 
access points. Remote Authentication Dial-in User Service (RADIUS) is an example of an 
AAA protocol. 


DHCP AND DNS SERVERS 


Authentication is just one part of providing network access. Hosts must also receive a 
suitable network configuration to be able to communicate on the network. DHCP and 
DNS are two of the services that facilitate this: 


* Dynamic Host Configuration Protocol (DHCP) servers assign IP address information 
to hosts automatically when they connect to the network.

* Domain Name System (DNS) servers allow users to access resources using host 
names and Fully Qualified Domain Names (FQDN) by resolving those names to IP 
addresses. 


LIGHTWEIGHT DIRECTORY ACCESS PROTOCOL (LDAP) 


Network resources can be recorded as objects within a directory. A directory is like a 
database, where an object is like a record and things that you know about the object 
(attributes) are like fields. In order for products from different vendors to be 
interoperable, most directories are based on the same standard. 


The main directory standard is the X.500 series of standards, developed by the 
International Telecommunications Union (ITU) in the 1980s. 


The problem with X.500 is that the full set of standards specified the use of a complex 
protocol stack as a means of network access, at a time when most organizations were 
already opting to use TCP/IP. Researchers developed a means for clients to connect to 
an X.500 server over TCP/IP and this was standardized by the IETF as the Lightweight 
Directory Access Protocol (LDAP). LDAP is a protocol used to query and update an
X.500 directory, or any type of directory that can present itself as an X.500 directory. It is
widely supported in current directory products—Windows Active Directory, Apple 
OpenDirectory, or the open source OpenLDAP, for instance. 


LDAP uses TCP and UDP port 389 by default. 


A Distinguished Name is a unique identifier for any given resource within the 
directory. A distinguished name is made up of attribute-value pairs, separated by 
commas. Examples of attributes include Common Name (CN), Organizational Unit 
(OU), and Domain Component (DC). The most specific attribute is listed first and 
successive attributes become progressively broader. This most specific attribute is also 
referred to as the Relative Distinguished Name, as it uniquely identifies the object 
within the context of successive (parent) attribute values. 
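
A distinguished name cannot be split safely on every comma, because a value may itself contain an escaped comma. The parser below is an added example, not part of the course material; the sample DN is constructed, escaping follows the RFC 4514 string form, and multi-valued RDNs joined with "+" are not handled.

```python
import string

# Constructed sample: the CN value contains a comma, escaped with a backslash.
SAMPLE_DN = r"CN=Martin\, David,OU=Sales,DC=widget,DC=com"

# Characters that must be escaped inside an attribute value.
MUST_ESCAPE = '",+;<>\\'


def _split_unescaped(text, sep):
    """Split on sep, ignoring any character that follows a backslash."""
    parts, current, i = [], [], 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            current.append(text[i:i + 2])      # keep the escape intact
            i += 2
            continue
        if text[i] == sep:
            parts.append("".join(current))
            current = []
        else:
            current.append(text[i])
        i += 1
    parts.append("".join(current))
    return parts


def _unescape(raw):
    """Turn '\\,' and hex escapes such as '\\2C' back into the real value."""
    out, i = bytearray(), 0
    while i < len(raw):
        if raw[i] == "\\" and i + 1 < len(raw):
            pair = raw[i + 1:i + 3]
            if len(pair) == 2 and all(c in string.hexdigits for c in pair):
                out.append(int(pair, 16))
                i += 3
            else:
                out += raw[i + 1].encode("utf-8")
                i += 2
        else:
            out += raw[i].encode("utf-8")
            i += 1
    return out.decode("utf-8")


def parse_dn(dn):
    """Return [(ATTRIBUTE, value), ...], most specific (the RDN) first."""
    pairs = []
    for component in _split_unescaped(dn, ","):
        attr, sep, raw = component.lstrip().partition("=")
        if not sep or not attr.strip():
            raise ValueError(f"malformed component: {component!r}")
        pairs.append((attr.strip().upper(), _unescape(raw)))
    return pairs


def dns_domain(pairs):
    """Join the Domain Component (DC) values into a DNS domain name."""
    return ".".join(value for attr, value in pairs if attr == "DC")


def escape_value(value):
    """Escape untrusted input before placing it in a DN as one value."""
    out = []
    for i, ch in enumerate(value):
        edge = (i == 0 and ch in " #") or (i == len(value) - 1 and ch == " ")
        if ch in MUST_ESCAPE or edge:
            out.append("\\" + ch)
        elif ch == "\x00":
            out.append("\\00")
        else:
            out.append(ch)
    return "".join(out)


if __name__ == "__main__":
    parsed = parse_dn(SAMPLE_DN)
    print("RDN:", parsed[0], "| domain:", dns_domain(parsed))
```

Passing user-supplied names through escape_value before building a DN keeps a stray comma from being read as an extra OU or DC component.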


NetBIOS/NetBT 


The very earliest Windows networks used network software called the Network Basic 
Input/Output System (NetBIOS). NetBIOS allowed computers to address one another 
by name and establish sessions. As the TCP/IP suite became the standard for local 
networks, NetBIOS was re-engineered to work over the TCP and UDP protocols, 
referred to as NetBIOS over TCP/IP (NetBT): 


* Name service (UDP port 137). 
* Datagram transmission service (UDP port 138).
* Session service (TCP port 139). 


As you know, modern networks use IP, TCP/UDP, and DNS for these functions. NetBT 
should be disabled on most networks. It is only required if the network has to support 
pre-Windows 2000 legacy systems (plus some network applications). 
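
One way to check a Windows host for the services this topic warns about (NetBT, plain FTP, unencrypted HTTP and mail retrieval) is to parse `netstat -an` output. This is an added example, not part of the course material; the captured output is constructed and the advice strings paraphrase the text above.

```python
import re

# Constructed `netstat -an` capture from a hypothetical Windows host.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:139            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    [::]:21                [::]:0                 LISTENING
  TCP    10.1.0.20:49712        203.0.113.5:80         ESTABLISHED
  UDP    0.0.0.0:137            *:*
  UDP    0.0.0.0:161            *:*
"""

# Services the topic flags as cleartext or legacy, keyed by (protocol, port).
FLAGGED = {
    ("TCP", 21): ("FTP", "passwords sent in plaintext; use FTPS or SFTP"),
    ("TCP", 80): ("HTTP", "unencrypted, no authentication; use HTTPS (443)"),
    ("TCP", 110): ("POP3", "protect with SSL/TLS (port 995)"),
    ("TCP", 143): ("IMAP", "protect with SSL/TLS (port 993)"),
    ("UDP", 137): ("NetBT name service", "disable unless legacy hosts need it"),
    ("UDP", 138): ("NetBT datagram service", "disable unless legacy hosts need it"),
    ("TCP", 139): ("NetBT session service", "disable unless legacy hosts need it"),
}

ROW_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")


def audit_listeners(netstat_text):
    """Return sorted (proto, port, service, advice) for flagged listeners.

    Only local listening sockets count: an ESTABLISHED outbound connection
    to a remote port 80 says nothing about what this host is serving.
    """
    seen = set()
    for line in netstat_text.splitlines():
        match = ROW_RE.match(line)
        if not match:
            continue                        # banner, header, or blank line
        proto, local, _foreign, state = match.groups()
        if proto == "TCP" and state != "LISTENING":
            continue
        port_text = local.rsplit(":", 1)[-1]   # also works for [::]:21
        if not port_text.isdigit():
            continue
        key = (proto, int(port_text))
        if key in FLAGGED:
            seen.add(key)                   # IPv4 and IPv6 rows collapse
    return [(proto, port) + FLAGGED[(proto, port)]
            for proto, port in sorted(seen, key=lambda k: (k[1], k[0]))]


if __name__ == "__main__":
    for proto, port, service, advice in audit_listeners(SAMPLE_NETSTAT):
        print(f"{proto}/{port:<5} {service}: {advice}")
```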


INVENTORY MANAGEMENT SERVERS


Inventory management refers to keeping a record of the systems running on your 
network. This is not a simple task to try to perform manually, so a number of protocols 
have been developed to assist. 


SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP) 


The Simple Network Management Protocol (SNMP) is a framework for managing and
monitoring network devices. SNMP consists of a management system and agents.


The agent is a process running on a switch, router, server, or other SNMP-compatible 
network device. This agent maintains a database called a Management Information 
Base (MIB) that holds statistics relating to the activity of the device. An example of 
such a statistic is the number of frames per second handled by a switch. The agent is
also capable of initiating a trap operation where it informs the management system of 
a notable event (port failure, for instance). The threshold for triggering traps can be set 
for each value. 




SNMP agents and management system. (Image © 123RF.com.) 


The management system (a software program) provides a location from which network 
activity can be overseen. It monitors all agents by polling them at regular intervals for 
information from their MIBs and displays the information for review. It also displays 
any trap operations as alerts for the network administrator to assess and act upon as 
necessary. 


SNMP device queries take place over UDP port 161; traps are communicated over UDP 
port 162. 


ENDPOINT MANAGEMENT SERVER 

Modern security models recognize that networks must not just apply security controls 
at the perimeter or border. A security principle called defense in depth calls for 
policies such as workstation hardening to ensure they cannot be compromised and 
used to attack the network from within. Of course, modern networks do not just 
consist of computer workstations—any type of endpoint computing device must be 
protected too, including laptops, smartphones, tablets, printers, and "smart"
appliances. 


An Endpoint Management Server facilitates this process by identifying computing 
devices running on the network and ensuring that they are securely configured. This 
might mean applying OS and antivirus updates automatically, cataloging software 
applications installed on each device, applying security policies, retrieving and 
analyzing log files, and monitoring performance and other status alerts. 


Microsoft has the System Center and Configuration Manager (SCCM) for Windows (plus 
support for other device types). There are many other product examples. 


syslog 

Effective network management often entails capturing logs from different devices. It is 
much easier to review logs and respond to alerts if the logs are consolidated on a
single system. 


Prior to Windows 7, one limitation of Windows logs was that they only logged local 
events. This meant that third party tools were required in order to gain an overall view 
of messaging for the entire network. However, the development of event subscriptions 
allows logging to be configured to forward all events to a single computer, enabling a 
holistic view of network events. 


The equivalent system in UNIX and Linux is usually syslog. This was designed to follow 
a client-server model and so allows for centralized collection of events from multiple 
sources. It also provides an open format for event logging messages and as such, has 
become a de facto standard for logging events from distributed systems. For example, 
syslog messages can be generated by Cisco routers and switches, as well as servers 
and workstations, and collected in a central database for viewing and analysis. 
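
The open message format is what makes central collection practical: every sender prefixes the message with a priority value that encodes facility and severity. The collector-side parser below is an added example, not part of the course material; it assumes the traditional BSD syslog layout (RFC 3164), and the sample lines and host names are constructed.

```python
import re

FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr",
              "news", "uucp", "cron", "authpriv", "ftp", "ntp", "audit",
              "alert", "clock", "local0", "local1", "local2", "local3",
              "local4", "local5", "local6", "local7"]
SEVERITIES = ["emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug"]

# Constructed messages as they might arrive from several devices.
SAMPLE_LINES = [
    "<34>Oct 11 22:14:15 fileserver01 su: 'su root' failed for david on /dev/pts/8",
    "<189>Oct 11 22:15:02 core-sw1 link: interface Gi0/1 changed state to down",
    "<86>Oct 11 22:16:40 web01 sshd[2211]: Accepted publickey for admin from 192.0.2.44",
    "<11>Oct 11 22:17:03 web01 backup[901]: cannot write to /mnt/archive: disk full",
    "<999>Oct 11 22:18:00 web01 app: priority value out of range",
    "Oct 11 22:19:00 printer7 lpd: no priority field",
]

LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<time>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) "
    r"(?P<tag>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?: ?(?P<text>.*)$"
)


def parse_line(line):
    """Decode one message; return None if it is not well formed."""
    match = LINE_RE.match(line)
    if not match:
        return None
    pri = int(match.group("pri"))
    if pri > 191:                      # 23 facilities * 8 + 7 is the maximum
        return None
    facility, severity = divmod(pri, 8)   # PRI = facility * 8 + severity
    return {
        "facility": FACILITIES[facility],
        "severity": SEVERITIES[severity],
        "severity_level": severity,
        "time": match.group("time"),
        "host": match.group("host"),
        "tag": match.group("tag"),
        "pid": int(match.group("pid")) if match.group("pid") else None,
        "text": match.group("text"),
    }


def triage(lines, alert_level="err"):
    """Return (events at alert_level or worse, count of rejected lines).

    Lower numbers are more severe, so 'or worse' means a smaller level.
    """
    threshold = SEVERITIES.index(alert_level)
    alerts, rejected = [], 0
    for line in lines:
        event = parse_line(line)
        if event is None:
            rejected += 1              # count malformed input, do not hide it
        elif event["severity_level"] <= threshold:
            alerts.append(event)
    return alerts, rejected


if __name__ == "__main__":
    alerts, rejected = triage(SAMPLE_LINES)
    for e in alerts:
        print(f"{e['host']} {e['facility']}.{e['severity']} {e['tag']}: {e['text']}")
    print("rejected lines:", rejected)
```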


LEGACY AND EMBEDDED SYSTEMS 


An embedded system is a computer system that is designed to perform a specific, 
dedicated function. These systems can be as small and simple as a microcontroller in 
an intravenous drip-rate meter or as large and complex as an industrial control system 
managing a water treatment plant. Embedded systems might typically have been 
designed to operate within a closed network; that is one where the elements of the 
network are all known to the system vendor and there is no connectivity to wider 
computer data networks. Where embedded systems need to interact within a 
computer data network, there are special considerations to make in terms of the 
network design, especially as regards security. 


A legacy system is one that is no longer directly supported by its vendor. Networks 
often need to retain hosts running DOS or legacy versions of Windows (XP and earlier) 
or old-style mainframe computers to run services that are too complex or expensive to 
migrate to a more modern platform. Legacy systems usually work well for what they 
do (which is why they don't get prioritized for replacement) but they represent very 
severe risks in terms of security vulnerabilities. It is important to isolate them as far as 
possible from the rest of the network and ensure any network channels linking them 
are carefully protected and monitored. 


Both legacy and embedded systems represent a risk in terms of maintenance and 
troubleshooting too, as they tend to require more specialist knowledge than modern, 
off-the-shelf, computing systems. Consultants with expertise in such systems can 
become highly sought after. 


INTERNET SECURITY APPLIANCES AND SOFTWARE 


Networks connected to the Internet need to be protected against malicious hosts and 
applications by a firewall and anti-malware scanners. Networks also need to scan for 
"unusual" host behavior or network traffic, using Intrusion Detection Systems (IDS) and
Intrusion Prevention Systems (IPS). These services can be implemented on servers but 
enterprise networks are likely to use dedicated Internet security appliances. 


INTRUSION DETECTION SYSTEM (IDS) 

A network-based Intrusion Detection System (IDS) comprises a sensor plus an 
analysis engine that scans network traffic for signs of threats or other violations of 
security policy. The IDS can be programmed with signatures of known intrusion 
attempts. Like antivirus software, these intrusion signatures (usually called plug-ins in 
the context of IDS) must be kept up to date. Also like antivirus, IDS can use behavioral 
or heuristic techniques to identify potential threats. In contrast to a basic
packet-filtering firewall, which can be configured with rules about IP addresses and application
protocol ports, a network-based IDS examines the contents of the application layer 
payload in the packet. 


When an IDS detects an intrusion event, it creates a log entry and can also send an 
alert to an administrator, if the event is considered important enough. One of the 
major drawbacks of IDS is the detection of too many innocuous events (false positives). 


There are many vendors supplying IDS software and appliances. The underlying 
detection engine for most of these products is based either on Snort or on Suricata. 
Each IDS solution adds its own connectivity (options for sensor placement), 
configuration, and reporting tools. 


INTRUSION PROTECTION SYSTEM (IPS) 

An Intrusion Protection System (IPS) adds some sort of real-time blocking (or 
shunning) functionality on top of the basic IDS. An IPS may drop packets, reset 
connections, or run a script to trigger a response on another server or network device 
(firewall, switch, or router). 


UNIFIED THREAT MANAGEMENT (UTM) 

Network security applications include antivirus scanners, intrusion
detection/prevention, and firewalls. These might be deployed as separate appliances or server
applications, each with its own configuration and logging/reporting system. A Unified
Threat Management (UTM) appliance is one that enforces a variety of
security-related measures, combining the work of a firewall, malware scanner, and intrusion
detection/prevention. A UTM centralizes the threat management service, providing 
simpler configuration and reporting compared to isolated applications spread across 
several servers or devices. Some of the major UTM vendors and products include 
Barracuda, Sophos, Check Point, Fortinet, Cisco Meraki, Juniper SRVX, and Dell 
SonicWall. 


There are two basic ways of implementing network connectivity for IDS and IPS or UTM 
server services and appliances: 


* Install the appliance inline with the network—this means that all network traffic 
passes through the server or appliance. This allows the appliance to block suspect 
traffic easily. The drawback is that a single appliance would represent a critical point 
of failure. If the forwarding function of the appliance were to fail, no traffic would be 
able to pass into or out of the network. This can be mitigated by using two or more 
appliances for redundancy. 

* Install the appliance as a sensor—this means that the appliance has a tap or 
mirror that enables it to view the traffic passing over a network link or switch. This 
makes prevention slower and more complex as the appliance must trigger a script 
for the preventive action to be enacted by another device (switch, router, or 
firewall). 


In both cases, the ability to deal with high traffic volumes is critical. If the device is 
overwhelmed by the traffic volume, it will not be inspecting all of that traffic and could 
be allowing malicious traffic to pass undetected. A dedicated security appliance should
be able to perform better in this respect than running the security service on a server 
or router. 


PROXY SERVER 

On a SOHO network, devices on the LAN access the Internet via the router using a type 
of Network Address Translation (NAT), specifically Port-based Network Address 
Translation. This type of NAT device translates between the private IP addresses used 
on the LAN and the publicly addressable IP addresses used on the Internet. 


Many enterprise networks use some sort of NAT too but another option is to use a 
proxy server. A proxy server does not just translate IP addresses. It takes a whole 
HTTP request from a client, checks it, then forwards it to the destination computer on 
the Internet. When the reply comes back, it checks it, and then shuttles it back to the 
LAN computer. A proxy can be used for other types of traffic too (email, for instance). 


A proxy server can usually operate either as a transparent service, in which case the 
client requires no special configuration, or as non-transparent. For a non-transparent 
proxy, the client must be configured with the IP address and service port (often 8080 
by convention) of the proxy server. 


Activity 6-6


Discussing Network Services 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. If a network application cannot tolerate a missing packet, what type of
transport protocol should it use? 


2. True or false? Protocols that stream video and audio over the Internet are 
likely to be based on UDP. 


3. What is DNS? 


4. What configuration parameter must be entered to enable a client to use 
DNS? 


5. True or false? An HTTP application secured using the SSL/TLS protocol should 
use a different port to unencrypted HTTP. 


6. What protocol would a mail client use to access the message store on a
remote mail server? 


7. A firewall filters applications based on their port number.


If you want to configure a firewall on the mail server to allow clients to 
download email messages, which port(s) might you have to open? 


8. You are configuring a Network Attached Storage (NAS) appliance. 


What file sharing protocol(s) could you use to allow access to Windows, 
Linux, and Apple macOS clients? 


9. What is the difference between SNMP and syslog? 


10. You are advising a customer about types of security appliance. 


What are the principal types and configuration options? 


Summary


In this lesson, you identified many different network concepts and technologies. 
Networking is at the heart of any type of business. Without it, a business simply cannot 
function in today's world. It is your job to help ensure that the networks behind the 
business are running properly and managed correctly. 


What do you think are the most important network concepts covered in this 
lesson? 


What experience do you have with any of the technologies discussed in this 
lesson? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 


Configuring and Troubleshooting Networks


LESSON INTRODUCTION 


In a previous lesson, you identified networking technologies. With that knowledge, you are now 
prepared to implement those technologies. In this lesson, you will install and configure networking 
capabilities. 


As a CompTIA® A+® technician, your duties will include setting up and configuring computers so
that they can connect to a network. By installing, configuring, and troubleshooting networking 
capabilities, you will be able to provide users with the connectivity they need to be able to perform 
their job duties. 


LESSON OBJECTIVES 


In this lesson, you will: 

* Configure Windows settings for different types of Internet and VPN connections. 

* Install and configure SOHO router/modems and set up secure wireless access. 

* Configure firewall settings and browser options to ensure safe Internet use on a SOHO network. 

* Use remote access technologies to connect to hosts over a network.


* Troubleshoot wired and wireless problems plus IP configuration issues using command-line 
tools. 


* Select, install, and configure Internet of Things (IoT) home automation devices.


Topic A


Configure Network Connection Settings 


EXAM OBJECTIVES COVERED 
1001-2.3 Given a scenario, install and configure a basic wired/wireless SOHO network.
1002-1.6 Given a scenario, use Microsoft Windows Control Panel utilities.
1002-1.8 Given a scenario, configure Microsoft Windows networking on a client/desktop. 


Once all the hardware connections are made in a networking environment, you will 
need to make sure that the operating system is configured to use the hardware 
successfully. It is important to fully understand not only the hardware and the 
connections within a network, but also how Windows will need to be set up and 
configured to accomplish connectivity with the resources of a network. 


NIC PROPERTIES 


A computer joins a network by connecting the network adapter—or Network Interface 
Card (NIC)—to a switch or wireless access point. For proper end user device 
configuration, the card settings should be configured to match the capabilities of the 
network appliance. 


WIRED NETWORK CARDS 


Almost all wired network adapters are based on some type of Ethernet. The adapter's 
media type must match that of the switch it is connected to. Most use copper wire 
cable (RJ-45 connectors), though installations in some corporate networks may use 
fiber optic connections. The adapter and switch must also use the same Ethernet 
settings. The main parameters are: 


* Signaling speed—most devices you will see will support Gigabit Ethernet, working 
at a nominal data rate of 1 Gbps. Older standards include Fast Ethernet (100 Mbps) 
and "plain" Ethernet (10 Mbps). Most network adapters will work at all three speeds. 
There is also a 10 Gbps standard, though this is not often used for desktop 
machines as the adapters and switches are expensive. 

* Half or full duplex—this determines whether the connection transfers data in both 
directions simultaneously (full duplex) or not (half duplex). The overwhelming 
majority of devices use full duplex. Gigabit Ethernet requires full duplex to work. 


Most wired network adapters will autonegotiate network settings such as signaling 
speed and half- or full duplex operation with the switch. For this to work, both the port 
on the switch and the network adapter should be configured to use the 
"Autonegotiate" setting, which should be the default. 


If these settings do need to be configured manually, locate the adapter in Device 
Manager, right-click and select Properties, then update settings using the Advanced 
tab. 


Ethernet adapter properties in Device Manager. (Screenshot used with permission from Microsoft.) 


Most of the other settings can be left to the default. In some circumstances, you may 
be able to improve performance or troubleshoot connectivity problems by enabling or 
disabling or tweaking the parameters for settings such as jumbo frames, buffers, 
scaling, and offloads. 


QOS 


Quality of Service (QoS) means using a network protocol to prioritize certain types of 
traffic over others. Enterprise networks can use QoS protocols to make sure traffic 
such as Voice over IP calling or video conferencing is given higher priority than traffic 
where the timing of packets is less important, such as ordinary file downloads. 


QoS parameters are usually configured on a managed switch. In the network adapter 
properties, you may need to enable the QoS protocol ("802.1p" or "QoS Packet 
Tagging," for instance). It is possible that QoS may also be controlled by a higher level 
protocol, which would be configured via the QoS Packet Scheduler client software 
installed by default on the OS's logical adapter. 


ONBOARD NETWORK CARDS 


Most computers come with an onboard Gigabit Ethernet network adapter as part of 
the system chipset. The port will be an RJ-45 type for use with twisted-pair cabling. If 
there is any issue with the onboard NIC, the first step should be to use the BIOS/UEFI 
system setup program to find out whether it is enabled (look in the "Integrated 
Peripherals" or "Onboard Devices" section). You might disable the onboard adapter if 
installing a plug-in card. 
WIRELESS NETWORK CARDS 


The most important setting on a wireless card is support for the 802.11 standard 
supported by the access point. Most cards are set to support any standard available. 
This means that a card that supports 802.11n will also be able to connect to 802.11g 
and 802.11b networks. 

With the card shown in the following figure, for instance, you can enable or disable 
802.11n Mode and select either mixed support for 802.11b/g or force use of either. For 
802.11n, you can also configure whether to use channel bonding. 


Note: Making a network work in compatibility mode can reduce the performance of the 
whole network. 


A couple of other settings are of interest: 


* Roaming Aggressiveness—when the adapter starts to move out of range of one 
access point, it might try to connect to another one with a better signal. Roaming 
aggressiveness determines how tolerant the adapter is of weak signals. If you use 
multiple APs, tweaking this setting up or down might result in better performance. 

* Transmit Power—this sets the radio power level. It is typically set to the highest 
possible by default. 




Wireless network adapter properties in Device Manager. (Screenshot used with permission from 
Microsoft.) 
Note: You might see a setting for "Ad hoc QoS Mode" on a wireless adapter. This enables 
Wireless Multimedia (WMM), which is a Wi-Fi specification for delivering QoS over wireless 
networks. 


WAKE ON LAN 


Wake on LAN (WoL) allows you to start up a computer remotely. When the computer 
is switched off (but not unplugged), the network card can be kept active using standby 
power. The administrator would use network software to broadcast a "magic packet" 
to the NIC; when it receives it, the NIC initiates the computer's boot process. 




WoL settings for a network adapter. (Screenshot used with permission from Microsoft.) 


Some devices with wireless chipsets come with Wake-on-Wireless LAN (WoWLAN), 
but the technology is not so widely supported. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Set Up Wake on LAN. 
NETWORK CONNECTIONS IN WINDOWS 7 AND WINDOWS 8 


Having verified connection properties of the Ethernet or Wi-Fi interface, you must also 
configure the card with the appropriate network client software and protocol, including 
addressing information relevant to the protocol. 


Most Ethernet and Wi-Fi networks use the Internet Protocol (IP) with a DHCP server, 
which means that the card receives address parameters automatically. 


NETWORK AND SHARING CENTER 


In Windows® 7 and Windows 8, the Network and Sharing Center is used to provide an 
overview of network availability and configuration. Right-click the network status icon 
in the notification area and select Open Network and Sharing Center or open the 
applet via Control Panel. 




Windows 7 Network and Sharing Center. (Screenshot used with permission from Microsoft.) 


WIRED NETWORK CONNECTIONS 


To access the adapter property sheets, select Change adapter settings. In Windows 8, 
the option is labeled Manage network connections. 


Note: Alternatively, run ncpa.cpl from the Instant Search box or Run dialog box. 


In Windows 7, the wired network adapter will be listed as Local Area Connection 
(though you can rename it if you prefer), whereas a wireless adapter will be listed as 
Wireless Network Connection. In Windows 8, the adapters are named Ethernet and 
WiFi. 


Network Connections in Windows 7. (Screenshot used with permission from Microsoft.) 


ADAPTER PROPERTIES 

Right-click an adapter and select Properties to configure settings or Status to view 
information about the connection. From the Properties dialog box, you can add or 
configure the appropriate service, protocol, or client. 




Local Area Network Adapter properties. (Screenshot used with permission from Microsoft.) 


* Clients provide connections to types of file servers, such as Linux/UNIX or 
Windows. 


* Protocols provide the format for addressing and delivering data messages between 
systems, the most widely adopted being TCP/IP. 
* Services allow your machine to provide network functionality to other machines. 


By default, the following clients, protocols, and services are installed on the default 
Ethernet adapter: 


* Client for Microsoft Networks. 

* File and Print Sharing for Microsoft Networks. 

* Internet Protocol—both IP version 4 and IP version 6 will be installed. The network 
adapter automatically uses the appropriate version of the protocol depending on 
the network it is connected to. 

* Link-layer Topology Discovery—provides the network mapping and discovery 
functions in the Network and Sharing Center. 


Checked items are described as being "bound" to an adapter. When installing a new 
protocol or service, check that it is only bound to adapters that should be using that 
protocol or service. 


WIRELESS NETWORK CONNECTIONS 

To join a WLAN, click the network status icon in the notification area and select from 
the list of displayed networks. If the access point is set to broadcast the network name 
or Service Set ID (SSID), then the network will appear in the list of available networks. 
The bars show the strength of the signal and the lock icon indicates whether the 
network uses encryption. To connect, select the network then enter the pre-shared key 
(or log on in the specified way if using a network authentication server). 


If you choose the Connect automatically option, Windows will use the network 
without prompting whenever it is in range. 
Connecting to a network using Windows 7. (Screenshot used with permission from Microsoft.) 


If the WLAN is not shown (if SSID broadcast is disabled), click Open Network and 
Sharing Center then Set up a new connection or network and proceed by entering 
the network SSID, security information, and network location type. 
NETWORK CONNECTIONS IN WINDOWS 10 


Windows 10 manages network settings via the Network & Internet section in the 
Settings app. Use the Status page to monitor the current network connection. There 
are links to the Network and Sharing Center and Network Connections applets (via 
Change adapter options) from there. 




Windows 10 Network & Internet Settings app. (Screenshot used with permission from Microsoft.) 


You can join a wireless network using the network status icon in the notification area. If 
you need to input WLAN settings manually, from the Network & Internet page, select 
WiFi→Manage known networks→Add a new network. 


IP ADDRESS CONFIGURATION 


IP address properties can be configured through the network connection's Properties 
dialog box. Both wired and wireless adapters are configured in the same way. By 
default, Windows machines obtain an IP address dynamically, but you can configure a 
static IP address and other settings, such as DNS servers. 


Internet Protocol version 4 (TCP/IPv4) Properties dialog box. (Screenshot used with permission from 
Microsoft.) 


Note: A machine can communicate with local hosts with a valid IP address and subnet 
mask but cannot communicate with other networks unless a default gateway is specified. 


Note: A machine that cannot access a DNS server will not be able to resolve host names 
or web addresses. As DNS is a critical service, two server addresses are usually specified 
for redundancy. 


Note: In Windows 10, you can also configure IP via the Settings interface. Select Network 
& Internet then Ethernet or WiFi as appropriate. Click the adapter or WLAN SSID. Under 
"IP Settings," click the Edit button. 


AUTOMATIC IP CONFIGURATION AND DHCP 


Configuring IP addresses and other TCP/IP network information manually raises many 
difficult administrative issues and makes misconfiguration of one or more hosts more 
likely. A Dynamic Host Configuration Protocol (DHCP) service can be provided by a 
Windows Server or by a device such as a switch or router. DHCP can allocate an IP 
address to a new machine joining the network. To use DHCP, select the Obtain an IP 
address automatically option. If a Windows machine fails to obtain an IP address 
dynamically, it will utilize an Automatic Private IP Addressing (APIPA) address from a 
reserved range (169.254.x.y). 
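
The notes above on the default gateway and DNS servers, together with the APIPA fallback, can be checked mechanically against an adapter's settings. The following Python code is an added example, not part of the original course material; it flags an APIPA address, a missing or off-subnet default gateway, and missing or single DNS servers. The function names, finding codes, and sample addresses are constructed for illustration.

```python
"""Check one adapter's IPv4 settings for the problems described in this topic."""
import ipaddress

APIPA_RANGE = ipaddress.ip_network("169.254.0.0/16")


def diagnose_ipv4(address, mask, gateway=None, dns_servers=()):
    """Return a list of (code, explanation) findings; an empty list means OK."""
    findings = []
    iface = ipaddress.ip_interface(f"{address}/{mask}")
    net = iface.network

    # An APIPA address means the host asked for DHCP and got no answer.
    if iface.ip in APIPA_RANGE:
        findings.append(("apipa", "DHCP failed; host self-assigned 169.254.x.y"))

    # The first and last addresses of a subnet are not usable host addresses.
    if net.prefixlen < 31 and iface.ip in (net.network_address,
                                           net.broadcast_address):
        findings.append(("reserved-address",
                         f"{iface.ip} is the network or broadcast address of {net}"))

    # Without a gateway the host can only reach its own subnet, and a
    # gateway outside the local subnet cannot be reached directly at all.
    if gateway is None:
        findings.append(("no-gateway", "local hosts only; no route to other networks"))
    else:
        gw = ipaddress.ip_address(gateway)
        if gw not in net:
            findings.append(("gateway-off-subnet", f"{gw} is not inside {net}"))
        elif gw == iface.ip:
            findings.append(("gateway-is-self", "gateway is the host's own address"))

    # No DNS server means no name resolution; one server means no redundancy.
    unique_dns = {ipaddress.ip_address(s) for s in dns_servers}
    if not unique_dns:
        findings.append(("no-dns", "host names and web addresses will not resolve"))
    elif len(unique_dns) < 2:
        findings.append(("single-dns", "only one DNS server; no redundancy"))

    return findings


def codes(findings):
    """Reduce findings to their short codes for easy comparison."""
    return [code for code, _ in findings]


if __name__ == "__main__":
    # Constructed sample configurations.
    samples = {
        "healthy": ("10.1.0.101", "255.255.255.0", "10.1.0.254",
                    ["10.1.0.1", "10.1.0.2"]),
        "dhcp failed": ("169.254.12.7", "255.255.0.0", None, []),
        "bad gateway": ("10.1.0.101", "255.255.255.0", "10.2.0.254",
                        ["10.1.0.1"]),
    }
    for name, cfg in samples.items():
        print(name, codes(diagnose_ipv4(*cfg)))
```
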
ALTERNATE CONFIGURATION 


Windows allows you to define an alternative IP address configuration for a machine if it 
cannot contact a DHCP server and using APIPA is unsuitable. This is useful in the 
scenario where you have a laptop computer connecting to DHCP in a corporate 
network but that requires a static IP address on the user's home network. 


Dialog box fields (User configured): IP address 192.168.0.100, subnet mask 
255.255.255.0, default gateway 192.168.0.254, preferred DNS server 192.168.0.254. 
The alternate DNS server and WINS server fields are blank. 


TCP/IP Alternate Configuration dialog box. (Screenshot used with permission from Microsoft.) 


Note: The Alternate Configuration tab is not displayed unless the Obtain an IP 
address automatically option is selected. 




Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Configure IP Addresses. 




OTHER NETWORK CONNECTIONS 


Most residential and small office networks connect to the Internet via a SOHO "router." 
These Internet appliances combine a 4-port switch and wireless access point with a 
router/modem that can connect to the ISP's network over DSL or Hybrid Fiber Coax 
(HFC) lines. The computers connect to the router by using the switch ports or access 
point and are assigned an IP configuration by a DHCP server running in the appliance. 
Correctly configuring the Ethernet or WiFi adapter in Network Connections will allow 
the computer to join this type of network. 


There are a number of other ways of connecting to the Internet and other remote 
networks, however. 


DIAL-UP 


A dial-up connection uses an analog modem to dial another modem on the ISP's 
remote access server, which then transfers the data onto the ISP's network and to and 
from the wider Internet. The call is placed in the same way as a voice call and may 
incur connection charges. The maximum link speed is just 56 Kbps. 


Note: Given perfect line conditions, modems can work at up to 56 Kbps downlink and 48 
Kbps uplink. Line conditions are rarely perfect, however, and actual speeds may be a lot 
lower. 


To create a dial-up connection, a modem must be installed in the computer or an 
external modem can be connected via USB. The dial-up port on the modem should 
then be connected to the phone socket. This is typically done using a silver satin cable 
with an RJ-11 connector for the modem and a suitable connector for the phone point, 
depending on region. For example, in the US an RJ-11 connector is used, but in the UK, 
a BT connector is often required. Regardless of the physical interface, the modem must 
be installed to one of the computer's software COM ports. The modem must also be 
configured with the local dialing properties, such as access prefix for an outside line, 
area code, and so on. 




Configuring a dial-up connection in Windows 7. (Screenshot used with permission from Microsoft.) 


You can use the Set Up a Connection or Network wizard to configure a link to the 
ISP's server. 


You can connect or disconnect the link or reconfigure it using the network status icon. 
WIRELESS WAN (CELLULAR) 


Wireless Wide Area Network (WWAN or cellular) Internet access refers to using an 
adapter to link to a cellular phone provider's network via the nearest available 
transmitter (base station). The bandwidth depends on the technologies supported by 
the adapter and by the transmitter (3G or 4G, for instance). 


The WWAN adapter can be fitted as a USB device or (on laptops) as an internal 
adapter. The advantage of the latter is that they do not protrude from the chassis; USB 
adapters are quite unwieldy. 


Once the vendor's software has been installed, plug in the adapter and it will be 
detected and configured automatically. You can then use the software to open a 
connection, check signal strength, view usage, and so on. 




Vodafone Mobile Connect management software. 


VIRTUAL PRIVATE NETWORK (VPN) 

A Virtual Private Network (VPN) is a "tunnel" through the Internet. It allows a remote 
computer to join the local network securely. Windows supports a number of VPN types 
but you may need to obtain third-party software. 


If the VPN type is supported, you can configure a connection using the Windows client 
from Network Connections. 


Set Up a Connection or Network wizard. (Screenshot used with permission from Microsoft.) 


Subsequently, the network connection will be available by clicking the network status 
icon. Right-click the icon under "Dial-up and VPN" to Connect or Disconnect or modify 
the connection's Properties. 




Accessing a VPN connection from the network status icon in Windows 7. (Screenshot used with 
permission from Microsoft.) 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Configure Other Network Connection Settings. 
Activity 7-1 


Discussing Network Connection Configuration Settings 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. You need to configure duplex settings on a network adapter manually. 


What steps do you need to follow? 


2. True or false? If you want a computer to be available through Wake-on-LAN, 
you can disconnect it from the power supply but must leave it connected to 
the network data port. 


3. A Windows computer is configured to use DHCP, but no DHCP server is available. 
The computer is not using an APIPA address either. 


Why is this? 


4. Why are IP addresses entered under DNS, and why should there be two of 
them? 


5. What parameters do you need to specify to connect to a VPN? 
Activity 7-2 


Configuring Network Connection Settings 


BEFORE YOU BEGIN 


You need to stage a configuration error to discover as you work through this activity. 
Perform these steps to run the C:\COMPTIA-LABS\LABFILES\unplug.ps1 PowerShell 
script: 

1. On the HOST computer, activate the Instant Search box, and type 
powershell 

2. Right-click the Windows PowerShell icon and select Run as administrator. 
Select Yes to accept the UAC prompt. 

3. In the Windows PowerShell window, type c:\comptia-labs\labfiles\unplug 
and press Enter. Type R to run the script once. 

Note: If you receive an error message about disabled scripts, run the 
Set-ExecutionPolicy Unrestricted cmdlet, and type A (for Yes to 
All) when you are prompted. Then, try running the unplug script again. 


SCENARIO 

In this activity, you will use five VMs and one virtual switch to create a complete LAN, all 
running within your HOST computer. The following network diagram is provided to 
assist you. 


Diagram labels: 172.16.0.0/30 and 10.1.0.0/24 (networks); PC2 (Windows 7), PC1 
(Windows 10), MS1, and DC1 (hosts); VLOCAL Switch. 


Network environment for configuring network connection settings. 
1. Using the network diagram, observe and verify the following features: 


The network interfaces shown within the VLOCAL Switch box are all connected to the 
same virtual switch. The virtual switch functionality is always running as part of the 
Hyper-V hypervisor. You do not need to start it at any point. 

The round icon at the top shows a router VM that has two interfaces. This is configured 
as the default gateway for all the other VMs. You will only look at a single local network 
in this activity, so there is no actual connectivity through the external interface. 

The "pipe" icon shows the IP addressing scheme used by the hosts connected to this 
switch. All addresses come from the range 10.1.0.0/24 (subnet mask: 255.255.255.0). 
The number on each host shows its static address. For example, the router's full IP 
address for the local interface is 10.1.0.254. 

There are two Windows Server VMs. The DC1 VM is running Active Directory and DNS 
and has the static IP address 10.1.0.1. The MS1 VM is running DHCP and has the static 
address 10.1.0.2. 

The PC1 and PC2 VMs are the Windows 10 and Windows 7 client workstations you have 
used previously. Their addresses are dynamically assigned by the DHCP server from the 
range 10.1.0.101 to 10.1.0.109. 


2. Start the VMs to create the network. 


You do not need to open connection windows for the VMs unless you are specifically 
prompted to do so. 


a) In Hyper-V Manager, right-click RT1-LOCAL and select Start. 

b) Right-click DC1 and select Start. 

c) Wait until the DC1 thumbnail shows the logon screen, and then start MS1. 

d) Wait until the MS1 thumbnail shows the logon screen, and then start PC1 and PC2. 

e) Open a connection window for PC2. 

f) Sign on, using the account 515support\Administrator and password Pa$$w0rd 


3. On the PC2 VM, view the adapter status, and open the Network and Sharing 
Center. 


a) On PC2, on the taskbar, point to the network status icon and observe the tool tip. 

It should identify the network connection as corp.515support.com with the alert that 
there is no Internet access. 

b) Select the icon and select Open Network and Sharing Center. 

c) Examine the information shown about the network layout and type. Also, note that 
under Change your network settings, there is an option to set up a new connection, 
such as a dial-up or VPN connection. 




Network and Sharing Center in Windows 7. (Screenshot used with permission from 
Microsoft.) 


4. View the adapter properties. 

a) Select the Local Area Connection link. 

b) In the Local Area Connection Status dialog box, examine the link speed, and then 
select the Details button. 


c) In the Network Connection Details dialog box, examine the values for IPv4 
Address, IPv4 Subnet Mask, IPv4 Default Gateway, IPv4 DNS Server, and IPv4 
DHCP Server. Make sure you can relate them to the network topology diagram 
shown at the start of the activity. 


d) Select Close to return to the Local Area Connection dialog box. 
e) Select the Properties button. 
You can bind and configure clients, services, and protocols in this dialog box. 
f) Double-click Internet Protocol Version 4 (TCP/IPv4). 
The adapter is set to obtain its configuration automatically. 
g) Select the Alternate Configuration tab. 
You can use this to set a static IP address if no DHCP server is available. This address 
would be used instead of an APIPA address. 
h) Select the Cancel button. 
i) Select the Configure button. If prompted with Do you wish to proceed?, select Yes. 


j) In the Microsoft Virtual Machine Bus Network Adapter Properties dialog box, 
select the Advanced tab. 


This is the same Properties dialog box that would open if you selected the adapter 
via Device Manager. This emulated network adapter driver does not support many 
configurable settings. There are no options for Wake-on-LAN or QoS. 


Note: Optionally, open this dialog box on the HOST computer, and compare 
the difference. 
k) Select Cancel, and then select Close. 


5. Browse the network to identify other hosts and resources. 


a) In the Network and Sharing Center, under View your basic network information, 
select the corp.515support.com link. 

b) If a Network discovery is turned off bar is shown, select it, and then select Turn on 
network discovery and file sharing. 

c) Double-click the DC1 icon. 

The server is hosting several shared folders. 

d) Select the Back button. 

Notice that PC1 is missing. 


6. Open a connection window for PC1, and sign on as 515support\Administrator. 
Identify what network problem occurred, and remediate it. 


a) In Hyper-V Manager, double-click the PC1 icon. 
b) Select Other user. 
c) In the User name dialog box, type 515support\administrator. Type Pa$$w0rd in the 
other box, and press Enter. 
d) Observe the network status icon. 
The red cross means that the network cable is not connected (or the adapter is 
faulty). Instead of checking the back of the computer for the cable, you need to look 
at the VM's configuration settings. 
e) In the VM connection window, select File—Settings. 
f) Select the Network Adapter node. 
It is listed as Not connected. 
g) From the Virtual switch list box, select VLOCAL and then select OK. 
h) Observe the network status icon change. 
It should connect to the corp.515support.com network, but still show an error status 
for Internet connectivity. 
i) Select the icon, and select Network & Internet settings. 
j) Scroll down and select View your network properties. 
This shows the same sort of information as the Windows 7 Status dialog box. 
k) Select the Back button. 
l) Select the Network and Sharing Center link. 
This interface is still available in Windows 10, though it does not show all of the same 
information as in Windows 7. The adapter is named Ethernet, rather than Local Area 
Connection. 
m) Close the Network and Sharing Center. 
n) If you have time, view the other nodes in Network & Internet settings. Note the 
different options under Ethernet compared to Status. Also note the options for 
configuring dial-up and VPN connections. 


Note: The VM does not have a wireless adapter. If such an adapter were 
present however, there would be a WiFi node to use to configure it. 


7. At the end of each activity, you need to close the VMs and discard any changes 
you made. 


a) From the connection window, select Action—Revert. 
b) If you are prompted to confirm, select the Revert button. 
c) On the HOST, in the Hyper-V Manager console, right-click each VM that is still 
running and select Revert. At the end of the lab, the state of each VM should be listed 
as Off. 


Topic B 


Install and Configure SOHO Networks 


EXAM OBJECTIVES COVERED 
1001-2.3 Given a scenario, install and configure a basic wired/wireless SOHO network. 


1002-2.3 Compare and contrast wireless security protocols and authentication methods. 
1002-2.10 Given a scenario, configure security on SOHO wireless and wired networks. 


Previously in this course, you covered basic networking concepts, the Transmission 
Control Protocol/Internet Protocol (TCP/IP) addressing scheme, and how networks are 
connected. In this topic, you will use that knowledge to install and configure a SOHO 
network. 


No matter what the size or location of the network, you are still responsible for 
understanding how it is structured and configured. A+ technicians must understand 
the needs and complexities of SOHO wired and wireless networks. 


SOHO NETWORKS 


A Small Office Home Office (SOHO) LAN is a business-oriented network, possibly using 
a centralized server in addition to client devices and printers, but often using a single 
Internet appliance to provide connectivity. Home and residential networks may also be 
classed as SOHO. 


A typical SOHO network layout. (Figure labels: Internet Service Provider, Router, 
Internet, Router/Modem/Access Point.) 


COMMON SOHO NETWORK HARDWARE 


A DSL/cable modem is installed as Customer Premises Equipment (CPE), typically as 
some sort of combined router/modem. Make sure you understand the functions of the 
separate device types bundled within these appliances: 


* Modem—connects to the service provider cabling and transfers frames over the 
link. The modem type must be matched to the network type (ADSL, VDSL, or cable). 

* Router—forwards packets over the WAN (Internet) interface if they do not have a 
local destination IP address. Some appliances may provide the ability to configure 
local subnets, though this is not typical of the devices supplied by the service 
providers. 

* Switch—allows local computers and other host types to connect to the network via 
RJ-45 ports. This will be an unmanaged switch so no configuration is necessary. 

* Access point—allows hosts to connect to the network over Wi-Fi. 


On a DSL modem, the RJ-11 port on the modem connects to the phone point. A 
microfilter (splitter) must be installed to separate voice and data signals. These can be 
self-installed on each phone point by the customer. Modern sockets are likely to 
feature a built-in splitter. 


A self-installed DSL splitter. 


Note: The modem might be provided as a separate device. If this is the case, it will 
provide an RJ-45 port to connect to the RJ-45 WAN port on the router. 


Note: The steps for most cable modems are the same except that you will be connecting 
to the provider network using a coax cable. Make sure the coax connector is secure (but 
do not overtighten it). 


SOHO NETWORK CONFIGURATION 


You need to connect a computer (PC or laptop) to the device's built-in unmanaged 
switch so that you can configure the appliance. Make sure the computer is set to 
obtain an IP address automatically. Connect the computer to one of the RJ-45 LAN 
ports on the router/modem. These are usually color-coded yellow. Wait for the 
Dynamic Host Configuration Protocol (DHCP) server running on the router/modem to 
allocate a valid IP address to the computer. 


Use a browser to open the device's management URL, as listed in the documentation. 
This could be an IP address or a host/domain name: 


http://192.168.0.1 


http://www.routerlogin.com 


It might use HTTPS rather than unencrypted HTTP. If you cannot connect, check that 
the computer's IP address is in the same range as the device IP. 


The management software will prompt you to choose a new administrator password. 
Enter the default password (as listed in the documentation or printed on a sticker 
accompanying the router/modem). Choose a long password (12 characters or more) 
with a mix of alphanumeric and symbol characters. If there is also an option to change 
the default username of the administrator account, doing so is a little more secure 
than leaving the default configured. 


CONFIGURING INTERNET ACCESS 

Most appliances will use a wizard-based setup to connect to the Internet via the service 
provider's network. The DSL/cable link parameters are normally self-configuring. You 
might need to supply a username and password. If manual configuration is required, 
obtain the settings from your ISP. 


Configuring DSL modem settings. Note that this VDSL modem is connecting to a Fiber to the Curb 
(FTTC) service. The DSL segment only runs between the premises and the service provider's cabinet, 
located in a nearby street. From the cabinet, there is a fiber optic cable running back to the local 
exchange. (Screenshot courtesy of TP-Link.) 


You can also use the management console to view line status and the system log. 
These might be required by the ISP to troubleshoot any issues with the connection. 


Viewing DSL line status. (Screenshot courtesy of TP-Link.) 


WIRELESS SETTINGS 


Having set up Internet access, the next step is to configure wireless settings. The 
majority of hosts will connect to the network wirelessly. Initial configuration is likely to 
be part of the device's setup wizard, but if you skipped that or need to reconfigure 
settings, the management software will have a separate page or section for wireless 
configuration. 


Having checked the box to enable wireless communications, you can adjust the 
following settings from the default. 


* Frequency band (2.4 GHz or 5 GHz)—on an 802.11ac access point, you can use the 
same network settings over both bands. Clients will connect to any supported 
frequency. Alternatively, you can configure different network names for each 
frequency. You might want to use one frequency but not the other, depending on 
the range of devices you have using the wireless network. 


Note: It is best practice not to enable services you do not need, especially on a 
multifunction device such as this. Most devices are now shipped in "security-enabled" 
configurations, meaning that you explicitly have to choose to enable services that you 
want to run. 


* SSID (Service Set ID)—a name for the WLAN. This can be up to 32 characters and 
must be different to any other networks nearby. 

* Security version and encryption type—always choose the highest mode supported 
by your wireless clients (WPA2 with AES). Note that WEP provides very weak security 
and should not be relied upon for confidentiality. 

* Password (Pre-Shared Key)—on a SOHO network you will choose a password for 
use by all client devices to connect to the network. The password generates the 
encryption key. The same key must be configured on client adapters to enable them 
to connect. 


Note: Choose a strong passphrase and keep it secret. In order to generate a strong 
key, use a longer phrase than you would for a normal password. 


* Mode—enable compatibility for different 802.11 devices. Performance may be 
improved if you disable support for unnecessary legacy standards. The typical 
configuration is to use the 2.4 GHz band for legacy b/g/n stations and the 5 GHz 
band for ac stations. 

* Channel and channel width—the access point will try to auto-detect the best 
channel at boot time. You might adjust the settings manually if you subsequently 
experience a weak connection caused by interference from other devices. For 
802.11n/ac access points, you may be able to configure the use of wide channels 
(bonding) for more bandwidth. This may only be practical in the 5 GHz band, 
depending on the wireless site design. 


Configuring an access point. (Screenshot courtesy of TP-Link.) 


DHCP AND IP ADDRESS CONFIGURATION 


You may want to adjust the settings for the DHCP server. This assigns wired and 
wireless clients an appropriate IP addressing configuration. It is always enabled "out of 
the box" to allow users to connect to the configuration page easily. If you disable 
DHCP, IP settings have to be allocated and configured manually on client devices. This 
adds a lot of administrative overhead and introduces the possibility of configuration 
errors. Also, it is not difficult for a determined attacker to identify the IP scope in use. 


Configuring the DHCP server. (Screenshot courtesy of TP-Link.) 


WPS 


As setting up an access point securely is relatively complex, vendors have developed a 
system to automate the process called Wi-Fi Protected Setup (WPS). 


To use WPS, all the wireless devices (access point and wireless adapters) must be WPS- 
capable. Typically, the devices will have a pushbutton. Activating this on the access 
point and the adapter simultaneously will associate the device with the access point 
using WPA2. The system generates a random SSID and passphrase. 


If you use WPS, disable the PIN configuration method if possible. (Screenshot courtesy of TP-Link.) 


Note: There is a WPS PIN method too but this is vulnerable to "brute force" attacks, 
where someone tries to guess the passphrase to get access to the networks. It is advisable 
to disable this method if possible. 


ACCESS POINT PLACEMENT 


Antenna and access point placement is important for ensuring a robust network—one 
that clients can connect to wherever they are in the building. In a SOHO network, with 
an integrated router/modem/access point, placement of the access point is likely to be 
constrained by the location of the service provider's cabling. If this does not provide 
sufficient coverage, the typical solution is to use extenders to repeat and boost the 
wireless signal in locations where it is not strong enough. 


A site survey can be performed with wireless signal measuring software (such as 
inSSIDer) to identify "dead zones." 


CHANNEL SELECTION 


The 2.4 GHz band for 802.11b/g/n is subdivided into 11 channels (in the US), spaced at 
5 MHz intervals. However, the recommendation is to allow 25 MHz spacing between 
channels in active use. In practice, therefore, no more than three nearby 802.11b/g/n 
access points can have non-overlapping channels. This could be implemented, for 
example, by selecting channel 1 for AP1, channel 6 for AP2, and channel 11 for AP3. 
When using the 5 GHz band, more non-overlapping channels are available. 


Channel:                 1     2     3     4     5     6     7     8     9     10    11    12    13    14 
Center Frequency (GHz):  2.412 2.417 2.422 2.427 2.432 2.437 2.442 2.447 2.452 2.457 2.462 2.467 2.472 2.484 


Frequencies and overlap of wireless channels. 


Newer access points will auto-detect the channel that seems least congested at boot 
time. As the environment changes, you may find that this channel selection is not the 
optimum one. You can use a wireless spectrum analyzer to find which channels in your 
area are actually the least busy. 
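
The 25 MHz spacing rule above can be checked against a site survey. The following is an added example, not part of the original course text: it computes 2.4 GHz center frequencies, derives the 1/6/11 plan from the spacing rule, and ranks those channels against a survey list. The survey entries, the function names and the received-power scoring are assumptions made for illustration.

```python
"""Choose a 2.4 GHz channel using the 25 MHz spacing rule (illustrative example)."""

MIN_SPACING_MHZ = 25  # recommended spacing between channels in active use


def center_mhz(channel):
    """Center frequency in MHz: channels 1-13 step by 5 MHz from 2412 MHz."""
    if channel == 14:  # channel 14 sits outside the regular 5 MHz grid
        return 2484
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    raise ValueError(f"not a 2.4 GHz channel: {channel}")


def overlaps(a, b):
    """True when two channels are closer than the recommended spacing."""
    return abs(center_mhz(a) - center_mhz(b)) < MIN_SPACING_MHZ


def non_overlapping_plan(channels=range(1, 12)):
    """Greedily pick channels, lowest first, that respect the spacing rule.

    The default range covers the 11 channels available in the US.
    """
    chosen = []
    for ch in sorted(channels):
        if all(not overlaps(ch, used) for used in chosen):
            chosen.append(ch)
    return chosen


def rank_channels(survey, candidates=None):
    """Rank candidate channels by total received power from overlapping APs.

    survey: list of (ssid, channel, rssi_dbm) tuples from a site survey.
    dBm values are converted to milliwatts so that they can be summed.
    Returns (channel, interference_mw) pairs, quietest channel first.
    """
    if candidates is None:
        candidates = non_overlapping_plan()
    scores = []
    for cand in candidates:
        power_mw = sum(
            10 ** (rssi / 10)
            for _ssid, ch, rssi in survey
            if overlaps(cand, ch)
        )
        scores.append((cand, power_mw))
    return sorted(scores, key=lambda item: item[1])


# Constructed survey data (SSID, channel, signal strength in dBm).
SURVEY = [
    ("neighbour-a", 1, -45),
    ("neighbour-b", 3, -60),
    ("neighbour-c", 6, -80),
    ("neighbour-d", 9, -70),
    ("neighbour-e", 11, -50),
]

if __name__ == "__main__":
    print("Non-overlapping plan:", non_overlapping_plan())
    for channel, power in rank_channels(SURVEY):
        print(f"channel {channel:2d} ({center_mhz(channel)} MHz): "
              f"{power:.2e} mW of overlapping signal")
```

A strong neighbour on the same channel counts for more than several weak ones, which is why the ranking sums power rather than counting access points.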


RADIO POWER LEVELS 


You may want to turn the power output on an AP down to prevent "war driving." War 
driving is the practice of driving around with a wireless-enabled laptop scanning for 
unsecure WLANs. The main problem with this approach is that it requires careful 
configuration to ensure that there is acceptable coverage for legitimate users. You also 
expose yourself slightly to "evil twin" attacks, as users may expect to find the network 
at a given location and assume that a rogue AP is legitimate. 


You have the option to set the Transmit Power level when configuring wireless settings on this access 
point. (Screenshot courtesy of TP-Link.) 


Increasing power output to boost a signal is not always reliable. As you increase power, 
you also increase the chance of the signal bouncing, causing more interference, 
especially if there are multiple access points. Also, the client radio power levels should 
match those of the access point or they may be able to receive signals but not transmit 
back. Consequently, power levels are best set to autonegotiate. You should also be 
aware of legal restrictions on power output—these vary from country-to-country. 


WI-FI SECURITY PROTOCOLS 


Wireless LANs require careful configuration to make the connection and transmissions 
over the connection secure. The main problem with wireless is that because it is 
"unguided," there is no way to contain the signal. Anyone with a suitably equipped 
laptop or RF (Radio Frequency) scanner can intercept the signals. If the proper security 
has not been put in place, this could allow the interception of data or the unauthorized 
use of the network. 


The crucial step in enforcing wireless security is to enable encryption. Encryption 
scrambles the messages being sent over the WLAN so that anyone intercepting them is 
not able to capture any valuable information. An encryption system consists of a 
cipher, which is the process used to scramble the message, and a key. The key is a 
unique value that allows the recipient to decrypt a message that has been encrypted 
using the same cipher and key. Obviously, the key must be known only to valid 
recipients or the encryption system will offer no protection. 


WIRED EQUIVALENT PRIVACY (WEP) 


The Wired Equivalent Privacy (WEP) encryption system is based on the RC4 cipher. 
RC stands for Ron's Cipher, after its inventor, Ron Rivest. Under WEP version 1, you can 
select from different key sizes (64-bit or 128-bit). A larger key makes it more difficult to 
attack the security system. 


Although WEP might sound like a good solution at first, it is not as secure as it should 
be. The problem stems from the way WEP produces keys. Because of a flaw in the 
method, attackers can quite easily generate their own keys by using a wireless network 
capture tool to analyze network data and crack WEP in a short period of time. 


Consequently, WEP is deprecated and should not be used to secure a wireless 
network. 


WI-FI PROTECTED ACCESS (WPA) 

Wi-Fi Protected Access (WPA) fixes most of the security problems with WEP. WPA still 
uses the RC4 cipher but adds a mechanism called Temporal Key Integrity Protocol 
(TKIP) to fix the issues with key generation. 


The original version of WPA was introduced as an upgrade for equipment supporting 
WEP. The continued reliance on WEP meant that the protocol did not meet the 
requirements of the IEEE 802.11i security standard. An update, known as WPA2, was 
developed as a fully compliant 802.11i security protocol. The main difference to WPA is 
the use of the Advanced Encryption Standard (AES) cipher for encryption. AES is 
much stronger than RC4/TKIP. 


The only reason not to use WPA2 is if it is not supported by adapters, APs, or operating 
systems on the network. WPA2 is very well-established now and most devices should 
support it. WPA is an acceptable fallback, especially on home networks, where the risk 
of intrusion is quite low. 


Note: WPA/WPA2 can still depend on the use of a passphrase to generate the key. If the 
passphrase is an easy-to-guess word or phrase, the key can be discovered and the 
encryption system cracked. 


WI-FI AUTHENTICATION 


It is possible to configure a WLAN as open, meaning that anyone can connect to it. In 
order to secure the WLAN, however, you need to be able to confirm that only valid 
users are connecting to it by authenticating them. WLAN authentication comes in two 
types. 


PERSONAL 


The personal authentication mode is based on a Pre-shared Key (PSK). This is the key 
that is used to encrypt communications. A PSK is generated from a passphrase, which 
is like a long password. In WPA-PSK, the router administrator defines a passphrase of 
between 8 and 63 ASCII characters. This is converted into a 256-bit cryptographic hash, 
expressed as a 64-digit hex value where each hex digit represents 4 bits. 


Note: It is critical that PSK passphrases be long (12 characters or more) and complex. 
This means that it should contain a mixture of upper- and lower-case letters and digits 
and no dictionary words or common names. 
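
As an added example (not part of the original course text), the sketch below applies the passphrase guidance from this section and then performs the passphrase-to-key conversion. It assumes the mapping defined for WPA/WPA2-Personal in IEEE 802.11i (PBKDF2-HMAC-SHA1 with the SSID as salt, 4096 iterations, 256-bit output), which the text above summarizes as a cryptographic hash; the function names, sample passphrases and the small word list are constructed for illustration.

```python
"""WPA/WPA2-Personal: passphrase checks and passphrase-to-PSK mapping (illustrative)."""
import hashlib

# Constructed mini word list; a real check would use a full dictionary.
COMMON_WORDS = {"password", "welcome", "letmein", "wireless", "admin", "qwerty"}


def _is_valid_format(passphrase):
    """WPA-PSK accepts 8 to 63 printable ASCII characters."""
    return 8 <= len(passphrase) <= 63 and all(32 <= ord(c) <= 126 for c in passphrase)


def passphrase_problems(passphrase):
    """Return a list of reasons the passphrase falls short of the guidance."""
    problems = []
    if not _is_valid_format(passphrase):
        problems.append("must be 8 to 63 printable ASCII characters")
    if len(passphrase) < 12:
        problems.append("shorter than the recommended 12 characters")
    has_lower = any(c.islower() for c in passphrase)
    has_upper = any(c.isupper() for c in passphrase)
    has_digit = any(c.isdigit() for c in passphrase)
    if not (has_lower and has_upper and has_digit):
        problems.append("needs upper- and lower-case letters and digits")
    lowered = passphrase.lower()
    if any(word in lowered for word in COMMON_WORDS):
        problems.append("contains a common word")
    return problems


def derive_psk(passphrase, ssid):
    """Return the 256-bit pre-shared key as a 64-digit hex string.

    The SSID is the salt, so the same passphrase yields a different key
    on a network with a different name.
    """
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    if not _is_valid_format(passphrase):
        raise ValueError("passphrase must be 8 to 63 printable ASCII characters")
    key = hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid_bytes, 4096, dklen=32
    )
    return key.hex()


if __name__ == "__main__":
    # Constructed sample values: one weak passphrase, one that passes the checks.
    for candidate in ("12345670", "vR7qLm2xTe9cKd4h"):
        issues = passphrase_problems(candidate)
        print(candidate, "->", issues if issues else "meets the guidance")
    print("PSK:", derive_psk("vR7qLm2xTe9cKd4h", "comptia_wlan"))
```

Because the key depends only on the passphrase and the SSID, anyone who knows both can compute it, which is why the passphrase itself has to carry the strength.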


The main problem is that distribution of the key or passphrase cannot be secured 
properly, and on a home network, the user acting as the administrator may choose an 
unsecure phrase. It also fails to provide accounting, as all users share the same key. 
The advantage is that it is simple to set up. Conversely, changing the key periodically 
(as would be good security practice) is difficult as the new key must be communicated 
to all users and updated on all their devices. 


PSK is the only type of authentication available for WLANs that use WEP encryption 
technology. It is also suitable for SOHO networks and workgroups that use WPA or 
WPA2 encryption. 


ENTERPRISE 


WPA and WPA2 can implement enterprise mode authentication, where the access 
point passes authentication information to a Remote Authentication Dial-in User 
Service (RADIUS) server for validation. This type of authentication is suitable for 
server-/domain-based networks. 


COMMON SOHO SECURITY ISSUES 


Although encryption and setting a strong passphrase are the most important factors in 
configuring effective Wi-Fi security, there are other configuration changes you may 
want to make. Here are some additional security problems and solutions. 


SERVICE SET ID (SSID) 

The Service Set ID (SSID) is a simple name (case sensitive 32-bit alphanumeric string) 
for users to identify the WLAN by. Vendors use default SSIDs for their products based 
on the device brand or model. You should change it to something that your users will 
recognize and will not get confused between nearby networks. Given that, on a 
residential network, you should not use an SSID that reveals personal information, 
such as an address or surname. Similarly, on a business network, you may not want to 
use a meaningful name. For example, an SSID like "Accounts" could prove tempting to 
would-be attackers. 


Disabling broadcast of the SSID prevents any adapters not manually configured to 
connect to the name you specify from finding the network. This provides a margin of 
privacy. 


Note: Hiding the SSID does not secure the network; you must enable encryption. Even 
when broadcast is disabled, the SSID can still be detected using packet sniffing tools. 


PHYSICAL SECURITY 


On a business network, physical access to important network infrastructure like 
switches and routers should be restricted to administrators and technicians. Most 
devices are stored in a locked equipment room and may also be protected by lockable 
cabinets. Many devices can be reset to the factory configuration with physical access. 
This could allow someone to disrupt the network or gain access to administrative 
settings (though probably not without being noticed). 


UPDATING FIRMWARE 


You should keep the firmware and driver for the Internet appliance up-to-date with the 
latest patches. This is important to fix security holes and to support the latest security 
standards, such as WPA2. To perform a firmware update, download the update from 
the vendor's website, taking care to select the correct patch for your device make and 
model. Select the Firmware Upgrade option and browse for the firmware file you 
downloaded. 


Make sure that power to the device is not interrupted during the update process. 


Upgrading device firmware. (Screenshot courtesy of TP-Link.) 


ASSIGNING STATIC IP ADDRESSES 


Assigning static IP addresses means that the DHCP server is disabled and clients must 
be configured manually to join the network properly. It would be trivial for an attacker 
to identify the appropriate subnet so this is not something that would deter a 
determined attack. 


Note that devices such as the router/modem must be configured with a static address 
because it acts as a DHCP server, and client devices need to use it as the default 
gateway. 


LATENCY AND JITTER 


Quality of Service (QoS) means using a network protocol to prioritize certain types of 
traffic over others. 


Many networks are now being pressed into service to provide two-way 
communications, with applications such as Voice over IP (VoIP), video conferencing, 
and multiplayer gaming. Applications such as voice and video that carry real-time data 
have different network requirements to the sort of data represented by file transfer. 
With "ordinary" data, it might be beneficial to transfer a file as quickly as possible, but 
the sequence in which the packets are delivered and variable intervals between 
packets arriving do not materially affect the application. This type of data transfer is 
described as "bursty." Network protocols such as HTTP, FTP, or email are very sensitive 
to packet loss but are tolerant to delays in delivery. The reverse is applicable to real- 
time applications; they can compensate for some amount of packet loss, but are very 
sensitive toward delays in data delivery. 


Problems with the timing and sequence of packet delivery are defined as latency and 
jitter: 


* Latency (Delay)—the time it takes for a signal to reach the recipient. A video 
application can support a latency of about 80 ms, while typical latency on the 
Internet can reach 1000 ms at peak times. Latency is a particular problem for 2-way 
applications, such as VoIP (telephone), online conferencing, and multiplayer gaming. 

* Jitter—variation in the delay; often caused by congestion at routers and other 
internetwork devices or by configuration errors. 


Real-time applications are sensitive to the effects of latency and jitter because they 
manifest as echo, delay, and video slow down. End users are generally very intolerant 
of these kinds of errors. 


It is difficult to guarantee Quality of Service (QoS) over a public network such as the 
Internet. Enterprise networks can deploy sophisticated QoS and traffic engineering 
protocols on managed switches and routers. On a SOHO network, you may be able to 
configure a QoS or bandwidth control feature on the router/modem to prioritize the 
port used by a VoIP application over any other type of protocol. This will help to 
mitigate issues if, for example, one computer is trying to download a Windows 10 
feature update at the same time as another set of computers are trying to host a video 
conference. 


The Bandwidth Control feature on this router/modem provides a basic QoS mechanism. (Screenshot 
courtesy of TP-Link.) 


Activity 7-3 


Discussing SOHO Network Installation and Configuration 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What type of cable and connectors are used to connect a modem to a phone 
port? 


2. What is the function of a microfilter? 


3. To configure a router/modem, what type of IP interface configuration 
should you apply to the computer you are using to access the device 
administration web app? 


4. What is the effect of reducing transmit power when you are configuring an 
access point? 


5. Which standard represents the best available wireless network security? 


6. How can QoS improve performance for SOHO Internet access? 


Activity 7-4 


Installing and Configuring SOHO Networks 


BEFORE YOU BEGIN 


Ideally, you would set up a mix of networks with different modes and frequencies. 
Experiment with using the same network name for 2.4 GHz and 5 GHz bands. Try 
setting up clashing network channels to see if there is any adverse effect. 
If you do not have physical access points to use, consider asking learners to connect to 
an emulator, such as: 
* https://www.cisco.com/assets/sol/sb/AP541N_GUI/AP541N_1_9_2/Getting_Started.htm 
* http://ui.linksys.com/ 
* http://support.dlink.ca/emulators/wbr2310/index.htm 
* https://tools.netgear.com/landing/gui/wireless/wg102/simulators/wg102_v_1_0_31/start.htm 
* https://www.tp-link.com/us/support/emulators 
If the equipment is available, you will join a wireless network set up by your instructor, 
or you will configure your own wireless network as part of a group. Depending on the 
equipment available, you may receive either a dedicated access point or a 
multifunction router/modem/access point, or you might be asked to connect to a 
wireless access point emulator. 
Use this table to record the wireless settings that your group will configure, or that 
your instructor will configure for you to connect to. 


Option                          2.4 GHz Band Settings    5 GHz Band Settings 

SSID 
Mode/Compatibility 
Channel 
Security/Authentication Type 
Pre-shared Key/Password 


SCENARIO 


In this activity, you will connect computers together in a wireless network, depending 
on the devices available in your learning environment. 


1. If you have a physical wireless access point, reset it to the factory configuration, 
and then connect to the management interface. 
a) Connect the access point to a power source and switch it on. 


b) Unless you are advised otherwise by your instructor, press the access point's reset 
switch and hold for about 20 seconds (or as instructed) to apply the default 
configuration. 
The reset switch will be a recessed button on the back of the access point. You might 
need to use a paper clip to press it. 


c) Verify that the network adapter on your HOST computer is set to obtain an IP address 
automatically. 


d) Disconnect the network cable from your HOST computer's network adapter. Connect 
an RJ-45 patch cable from the HOST computer's network adapter to one of the LAN or 
Ethernet ports on the access point. 


e) If the network location banner appears prompting you to trust the network, select 
Yes. 


f) Start a web browser, and open the device's management URL. 
This may be printed on a sticker on the device. 

g) If prompted, log in using the default user name and password. 
Again, this may be printed on a sticker on the device. 


h) If you are prompted to change the default user name and password, set the user 
name to admin and password to Pa$$wOrd 


2. Configure the access point to use the settings suggested by your instructor (the 
ones you recorded in the table). 


a) Locate the menu option for manual or advanced wireless settings. 


In the environment shown in the following figure, you would select 
Advanced—Wireless—Basic Settings. 



Access point configuration. (Screenshot courtesy of TP-Link.) 


Note: Your instructor will guide you through this activity if you are using a 
different wireless router than the one depicted in the previous screenshot. 


b) If there is an Operation mode option (as shown above), set it to Access Point. 
The device may also support being configured as a repeater or bridge. 


c) Enter the settings you recorded in the table, and then save the settings using the 
options appropriate for your configuration page. This might be a Save button, Apply 
Changes button, or something similar. 


3. Install a wireless network adapter in your HOST computer. 


Your instructor will provide you with a wireless network adapter. This may be a plug-in card 
or a USB device. 

a) If your adapter has a setup-based install, run the Setup program to install the adapter 
driver software. 


b) Physically connect the wireless adapter to the HOST computer. 


* If you have a USB wireless adapter, connect it to a USB port. 

* If you have a plug-in card, power off the PC, and remove all the cables. Follow 
instructions from your instructor to add the card to a spare slot, and then 
reassemble and restart the computer. 


c) When the adapter is installed, restart Windows if necessary and wait for the adapter 
to be detected or for the Device Setup wizard to start. 


d) If necessary, point to the location of the driver files, and follow any other prompts 
required to install the device and drivers. 


4. When the adapter is physically installed, connect to the access point configured by 
the instructor or by your group. 
a) In the notification area, select the network status icon. 


b) If more than one network is detected, select the SSID associated with your access 
point, and select Connect. 


c) Enter the network key and select Next. 

d) If prompted, select No to set the network location as Public. 

e) Open File Explorer and browse the Network object. 
You should not see any computers listed, as the firewall settings for public networks 
prevent discovery. 


f) Select the yellow Network discovery is turned off bar and select Turn on network 
discovery and file sharing. 



Click the bar to enable network discovery. (Screenshot used with permission from 
Microsoft.) 


g) At the prompt, select No, make the network that I am connected to a private 
network. 



h) Browse for other computers again. 

Browsing the network—two computers have joined this network (COMPTIA and 
COMPTIA-LABS). (Screenshot used with permission from Microsoft.) 


5. View the network properties using the Settings app. 


a) Select the network status icon and select Network & Internet Settings. 

b) In the Settings app, select Wi-Fi. 

c) Select the network name. 
You can change the network location type here. 

d) Scroll down the page to view the IP settings and connection properties, including the 
network band and channel. 

e) Record the Physical address (MAC). 

f) Close the Settings app. 


6. View the Wi-Fi adapter's driver properties in Device Manager. 


a) Right-click Start and select Device Manager. 

b) Expand Network adapters and then right-click the wireless adapter and select 
Properties. 

c) Select the Advanced tab. 

d) Locate settings for preferred wireless mode and frequency. Are there options to set 
any of the following: Transmit Power, QoS, or Wake-on-Wireless LAN? 
Answers will vary depending on the wireless adapter. 

e) Select Cancel. 


7. If you are managing an access point in your group, change the settings on the AP 
to use a different SSID, and ensure that it is not broadcast. 


Option                          2.4 GHz Band Settings     5 GHz Band Settings 

SSID 
Mode/Compatibility 
Channel 
Security/Authentication Type 
Pre-shared Key/Password 


Setting the SSID to hidden. (Screenshot courtesy of TP-Link.) 


8. When the AP has been reconfigured, manually connect to the wireless network. 
a) Select the network status icon and select Network & Internet Settings. 
b) In the Settings app, select Wi-Fi. 
c) Select the Manage known networks link. 
d) Select Add a new network. 
e) Enter the network connection details. Make sure you check Connect automatically 
and Connect even if this network is not broadcasting. 



Configuring a wireless network connection manually. 
f) Select Save. 


g) If you are prompted to enable discovery and file sharing, select Yes. If no prompt 
appears, enable network discovery via Explorer as you did before. 


h) In Explorer, browse the network, and verify that other computers are visible. 


9. Optionally, configure MAC filtering to prevent one of the stations in your group 
from connecting. 



Configuring a MAC filter to blacklist stations. (Screenshot courtesy of TP-Link.) 


10. At the end of the activity, if requested, uninstall the wireless adapter and return it 
to your instructor. Reconnect your computer to the classroom network. 


Topic C 


Configure SOHO Network Security 


EXAM OBJECTIVES COVERED 
1001-2.2 Compare and contrast common networking hardware devices. 
1001-2.3 Given a scenario, install and configure a basic wired/wireless SOHO network. 
1002-1.5 Given a scenario, use Microsoft operating system features and tools. 
1002-1.6 Given a scenario, use Microsoft Windows Control Panel utilities. 
1002-1.8 Given a scenario, configure Microsoft Windows networking on a client/desktop. 
1002-2.10 Given a scenario, configure security on SOHO wireless and wired networks. 


Although security models stress the importance of defense in depth, the network edge 
must still be closely guarded. As a CompTIA A+ technician, you must be able to 
configure firewall settings and other types of access controls to ensure safe Internet 
use. In this topic, you will learn how to configure common security features of SOHO 
router/modems, use the Windows Firewall, and set browser options. 


FIREWALLS 


There are many types of firewalls and many ways of implementing them. One 
distinction can be made between network and host firewalls: 


* Network firewall—placed inline in the network and inspects all traffic that passes 
through it. 

* Host firewall—installed on the host and only inspects traffic addressed to that 
host. 


Another distinction is what parts of a packet a firewall can inspect and operate on. 


PACKET FILTERING FIREWALL 


Packet filtering describes the earliest type of firewall. All firewalls can still perform this 
basic function. A packet filtering firewall can inspect the headers of IP packets. This 
means that rules can be based on the information found in those headers: 


* IP filtering—accepting or blocking traffic on the basis of its source and/or 
destination IP address. 

* Protocol ID/type—TCP, UDP, ICMP, and so on. 

* Port filtering/security—accepting or blocking a packet on the basis of source and 
destination port numbers (TCP or UDP application type). 


This configuration is referred to as an Access Control List (ACL). The firewall may 
provide the option to accept all packets except for those on the reject list or, 
alternatively, it may provide the option to reject all packets except for those on the 
accept list. Generally, the latter is the best choice, since it is more secure and involves 
less configuration. 
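
The difference between the two default rules shows up when the same packets are run through both kinds of ACL. This is an added example, not part of the course material; the rule format, the addresses, and the choice of ports are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    protocol: str                   # "tcp", "udp" or "icmp"
    dst_port: Optional[int] = None


@dataclass(frozen=True)
class Rule:
    action: str                     # "accept" or "reject"
    protocol: str = "any"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dst_port: Optional[int] = None  # None matches any port

    def matches(self, pkt: Packet) -> bool:
        # Every header field named in the rule must match the packet.
        if self.protocol not in ("any", pkt.protocol):
            return False
        if ipaddress.ip_address(pkt.src_ip) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt.dst_ip) not in ipaddress.ip_network(self.dst):
            return False
        return self.dst_port is None or self.dst_port == pkt.dst_port


def evaluate(acl, default_action, pkt):
    """First matching rule wins; the default rule decides everything else."""
    for rule in acl:
        if rule.matches(pkt):
            return rule.action
    return default_action


LAN = "192.168.1.0/24"

# Policy A: accept all packets except those on the reject list.
REJECT_LIST = [
    Rule("reject", protocol="tcp", dst=LAN, dst_port=23),    # Telnet
    Rule("reject", protocol="tcp", dst=LAN, dst_port=445),   # SMB
]

# Policy B: reject all packets except those on the accept list.
ACCEPT_LIST = [
    Rule("accept", protocol="tcp", dst="192.168.1.10/32", dst_port=443),  # HTTPS to one server
]

# Constructed inbound packets from an Internet host (documentation address range).
SAMPLE_PACKETS = [
    Packet("203.0.113.50", "192.168.1.10", "tcp", 443),   # the one service meant to be public
    Packet("203.0.113.50", "192.168.1.20", "tcp", 23),    # explicitly rejected under policy A
    Packet("203.0.113.50", "192.168.1.20", "tcp", 3389),  # RDP: nobody wrote a rule for it
    Packet("203.0.113.50", "192.168.1.20", "udp", 161),   # SNMP: nobody wrote a rule for it
]


def compare(packets=SAMPLE_PACKETS):
    """Return (protocol, port, verdict under policy A, verdict under policy B) per packet."""
    return [
        (p.protocol, p.dst_port,
         evaluate(REJECT_LIST, "accept", p),
         evaluate(ACCEPT_LIST, "reject", p))
        for p in packets
    ]


if __name__ == "__main__":
    print(f"{'proto':<6}{'port':<6}{'default accept':<16}{'default reject'}")
    for proto, port, a, b in compare():
        print(f"{proto:<6}{port:<6}{a:<16}{b}")
```

The two services nobody thought to list (RDP and SNMP) pass under the reject-list policy and are stopped under the accept-list policy, which needs only one rule.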


HOST FIREWALL 

A host firewall (also called a software or personal firewall) is one that is implemented as software on 
the individual host PC or server. This might be deployed instead of or in addition to the 
network firewall. As well as being able to filter traffic based on data in network packets 
(IP address and port number, for instance), a host-based firewall can be defined with 
rules for whether particular software programs and services (processes) or user 
accounts are allowed or denied access. 

Having two firewalls is more secure; if one firewall is not working or is misconfigured, 
the other firewall might prevent an intrusion. The downside is complexity; you must 
configure rules in two places, and there are two things that could be blocking 
communications when you come to troubleshoot connections. 


Note: Using both a network firewall to secure the "perimeter" and a host firewall 
provides defense in depth. This is the concept that multiple, well-coordinated layers of 
defensive controls make a system harder to compromise than a single defensive barrier. 


FIREWALL SETTINGS 


Most Internet router/modems come with a basic firewall product; some come with 
quite sophisticated firewalls. On a SOHO network, it is more typical to filter incoming 
traffic than outgoing traffic. Some router/modems may not support outbound filtering 
at all. 


DISABLING PORTS 


One of the basic principles of secure configuration is only to enable services that must 
be enabled. If a service is unused, then it should not be accessible in any way. The 
most secure way of doing this is to remove the service on each host. There may be 
circumstances in which you want a service port to be available on the local network but 
not on the Internet. This is where a firewall is useful. If you configure an ACL to block 
the port, or if the port is blocked by the default rule, then Internet hosts will not be 
able to access it. 


MAC FILTERING 


The MAC is the hardware address of a network card, in the format aa:bb:cc:dd:ee:ff. 
Firewalls, switches, and access points can be configured either with whitelists of 
allowed MACs or blacklists of prohibited MACs. This can be time-consuming to set up 
and it is easy for malicious actors to spoof a MAC address. On a SOHO network, the 
security advantages are unlikely to outweigh configuration and troubleshooting issues. 


CONTENT FILTERING/PARENTAL CONTROLS 

Most Internet appliances also support the configuration of filters to block websites and 
services on the basis of keywords or site rating and classification services. Another 
option is to restrict the times at which the Internet is accessible. These are configured 
in conjunction with services offered by the ISP. 


One issue for ISP-enforced parental controls is that the filters are not usually able to 
distinguish account types, so the filters apply to all Internet access unless the filtering 
is manually disabled, which requires the ISP account holder's password. Parental 
controls can also be enforced at the OS level in Windows 10, where different filters can 
be applied based on the account type. 


Configuring parental controls to restrict when certain devices can access the network. (Screenshot 
courtesy of TP-Link.) 


WHITELISTS/BLACKLISTS 


Content filtering works on the basis of blacklists of URLs that are known to harbor a 
particular type of content. There will be separate blacklists for different types of 
content that users might want to block. There are also blacklists of sites known to host 
malware. The firewall will block any IP address or domain name appearing on a 
blacklist for which a filter has been configured. 


Conversely, whitelisting a site means that it will be accessible even if a filter is applied. 
If you want to lock down Internet usage very tightly, it should be possible to configure a 
filter so that only whitelisted sites are accessible. 


NAT 


All router/modems implement Network Address Translation (NAT). More 
specifically, they implement Network Address Port Translation (NAPT), which is also 
referred to as NAT overloading or Port Address Translation (PAT). The router/modem 
is issued with a single public IP address by the ISP. Some ISPs might allocate a static 
address, but it is more common for it to be dynamic (issued by the ISP's DHCP server). 


Hosts connected to the router/modem's switch or access point are configured with 
local (private) addresses, typically in the range 192.168.0.0/24 or 192.168.1.0/24. When 
one of these devices tries to contact a host on the Internet, the router identifies the 
connection using an ephemeral port number, adds the original private IP address and 
port number to a NAT table, and sends the transmission to the Internet host, using its 
public IP address and the new port number. When (or if) an Internet host replies to 
that port, the router looks up the port number in the NAT table, locates the original IP 
address and port, and forwards the response to the local device. 


NAT overloading on a SOHO router/modem generally works without any configuration. 
There might be an option to configure an Application Layer Gateway (ALG) for one or 
more protocols. NAT can pose problems for some types of protocol. ALG mitigates 
these problems by opening ports dynamically to allow connections. 



Configuring ALGs for NAT. (Screenshot courtesy of TP-Link.) 


PORT FORWARDING AND PORT TRIGGERING 


When NAT overloading is deployed, hosts on the Internet can only "see" the router and 
its public IP address. If you want to run some sort of server application from your 
network and make it accessible to the Internet, you need to set up port forwarding or 
Destination NAT (DNAT). 


Port forwarding means that the router takes requests from the Internet for a 
particular protocol (say, HTTP/port 80) and sends them to a designated host on the 
LAN. The request could also be sent to a different port, so this feature is often also 
called port mapping. For example, the Internet host could request HTTP on port 80, 
but the LAN server might run its HTTP server on port 8080 instead. 


Configuring port forwarding for FTP. (Screenshot courtesy of TP-Link.) 


Port triggering is used to set up applications that require more than one port. 
Basically, when the firewall detects activity on outbound port A destined for a given 
external IP address, it opens inbound access for the external IP address on port B for a 
set period. 


DMZ 


When making a server accessible on the Internet, careful thought needs to be given to 
the security of the local network. A simple firewall with port forwarding will only 
support servers on the local network. There can only be one set of access rules. If a 
server is compromised, because it is on the local network there is the possibility that 
other LAN hosts can be attacked from it or that the attacker could examine traffic 
passing over the LAN. 


In an enterprise network, a Demilitarized Zone (DMZ) is a means of establishing a 
more secure configuration. The idea of a DMZ is that hosts placed within it are 
untrusted by the local network zone. Some traffic may be allowed to pass between the 
DMZ and the local network, but no traffic is allowed to pass from the Internet to the 
local network through the DMZ. 


Most SOHO routers come with only basic firewall functionality. The firewall in a typical 
SOHO router screens the local network, rather than establishing a DMZ. 


However, you should note that many SOHO router/modem vendors use the term 
"DMZ" or "DMZ host" to refer to a computer on the LAN that is configured to receive 
communications for any ports that have not been forwarded to other hosts. When 
DMZ is used in this sense, it means "not protected by the firewall" as the host is fully 
accessible to other Internet hosts (though it could be installed with a host firewall 
instead). This also means that the LAN is still exposed to the risks described previously. 


Configuring a SOHO router version of a DMZ—the host 192.168.1.254 will not be protected by the 
firewall. (Screenshot courtesy of TP-Link.) 
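
The NAT table lookup, port forwarding (port mapping), port triggering, and the SOHO "DMZ host" described in the preceding sections can be modeled in one small router class to show which inbound packets reach the LAN and why. This is an added example, not part of the course material or any vendor's firmware logic; the class, the public address 198.51.100.7, the LAN hosts other than 192.168.1.254, and the trigger ports are assumptions, while the 80-to-8080 mapping and the DMZ host address come from the text.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class NaptRouter:
    """Toy model of a SOHO router doing NAT overloading (illustrative only)."""
    public_ip: str
    next_port: int = 49152          # first ephemeral port handed out (assumed)
    dmz_host: Optional[str] = None  # SOHO-style "DMZ host": catch-all for unforwarded ports
    nat_table: dict = field(default_factory=dict)        # (proto, public port) -> (LAN ip, LAN port)
    virtual_servers: dict = field(default_factory=dict)  # (proto, external port) -> (LAN ip, LAN port)
    triggers: dict = field(default_factory=dict)         # (proto, outbound port A) -> (inbound port B, seconds)
    opened: dict = field(default_factory=dict)           # (proto, port B, remote ip) -> (LAN ip, expiry)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port, now=0.0):
        """A LAN host contacts an Internet host; return the address/port the Internet host sees."""
        for (p, public_port), private in self.nat_table.items():
            if p == proto and private == (src_ip, src_port):
                break                                  # reuse the existing translation
        else:
            public_port = self.next_port
            self.next_port += 1
            self.nat_table[(proto, public_port)] = (src_ip, src_port)
        trigger = self.triggers.get((proto, dst_port))
        if trigger:
            in_port, ttl = trigger                     # open port B for that remote IP only
            self.opened[(proto, in_port, dst_ip)] = (src_ip, now + ttl)
        return self.public_ip, public_port

    def inbound(self, proto, src_ip, dst_port, now=0.0):
        """A packet arrives on the public IP; return (LAN ip, LAN port, reason) or None if dropped."""
        if (proto, dst_port) in self.nat_table:        # reply to a connection a LAN host started
            return (*self.nat_table[(proto, dst_port)], "nat-table")
        if (proto, dst_port) in self.virtual_servers:  # port forwarding / port mapping
            return (*self.virtual_servers[(proto, dst_port)], "port-forward")
        hit = self.opened.get((proto, dst_port, src_ip))
        if hit and now <= hit[1]:                      # port triggering, still inside the set period
            return hit[0], dst_port, "port-trigger"
        if self.dmz_host:                              # everything else lands on the DMZ host
            return self.dmz_host, dst_port, "dmz-host"
        return None                                    # no mapping: the LAN is not reachable


def demo():
    r = NaptRouter(public_ip="198.51.100.7")                  # constructed public address
    r.virtual_servers[("tcp", 80)] = ("192.168.1.10", 8080)   # HTTP on 80 mapped to 8080
    r.triggers[("tcp", 6000)] = (6001, 120)                   # constructed trigger: A=6000, B=6001, 120 s

    out = {}
    out["translated"] = r.outbound("tcp", "192.168.1.20", 51000, "203.0.113.9", 443)
    out["reply"] = r.inbound("tcp", "203.0.113.9", 49152)
    out["web"] = r.inbound("tcp", "203.0.113.50", 80)
    out["unsolicited"] = r.inbound("tcp", "203.0.113.50", 3389)

    r.outbound("tcp", "192.168.1.30", 52000, "203.0.113.77", 6000, now=0)
    out["trigger_ok"] = r.inbound("tcp", "203.0.113.77", 6001, now=60)
    out["trigger_other_ip"] = r.inbound("tcp", "203.0.113.50", 6001, now=60)
    out["trigger_expired"] = r.inbound("tcp", "203.0.113.77", 6001, now=121)

    r.dmz_host = "192.168.1.254"                              # enable the SOHO "DMZ host"
    out["dmz"] = r.inbound("tcp", "203.0.113.50", 3389)
    return out


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:<18}{result}")
```

The same unsolicited packet to port 3389 is dropped before the DMZ host is enabled and delivered to 192.168.1.254 afterwards, which is why that host needs its own host firewall.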


UNIVERSAL PLUG-AND-PLAY 


ACLs and port forwarding/port triggering are challenging for end users to configure 
correctly. Many users would simply resort to turning the firewall off in order to get a 
particular application to work. As a means of mitigating this attitude, services that 
require complex firewall configuration can use the Universal Plug-and-Play (UPnP) 
framework to send instructions to the firewall with the correct configuration 
parameters. 


On the firewall, check the box to enable UPnP. A client UPnP device, such as an Xbox, 
PlayStation, or Voice-over-IP handset, will be able to configure the firewall 
automatically to open the IP addresses and ports necessary to play an online game or 
place and receive VoIP calls. 



Enabling UPnP—there is nothing to configure, but when client devices use the service, the rules they 
have configured on the firewall are shown in the service list. (Screenshot courtesy of TP-Link.) 


UPnP is associated with a number of security vulnerabilities and is best disabled if not 
required. You should ensure that the router does not accept UPnP configuration 
requests from the external (Internet) interface. If using UPnP, keep up-to-date with any 
security advisories or firmware updates from the router manufacturer. 


Note: Also make sure that UPnP is disabled on client devices, unless you have confirmed 
that the implementation is secure. As well as game consoles, vulnerabilities have been 
found in UPnP running on devices such as printers and web cams. 


WINDOWS FIREWALL 


As well as configuring the network firewall, you may want to configure a personal 
firewall on each host. Windows ships with bundled firewall software. 


Note: There are also third-party firewalls. If you install another firewall product, it should 
disable Windows Firewall. Do not try to run two host firewalls at the same time. The 
products may interfere with one another and attempting to keep the ACLs synchronized 
between them will be extremely challenging. 


CONFIGURING WINDOWS FIREWALL 


To configure the firewall in Windows 7, open Windows Firewall in Control Panel to 
view a status page, then click Turn Windows Firewall on or off. The Windows Firewall 
can be turned on or off depending on whether the network location is private (home/ 
work) or public or domain. For example, you could have an Internet connection 
through an open access point set to public with a VPN to your corporate network 
running over the link, but set to domain. 



Customizing Windows Firewall settings in Windows 7. (Screenshot used with permission from 
Microsoft.) 


CONFIGURING EXCEPTIONS 

To allow or block programs (configure exceptions), from the Windows Firewall status 
page, click Allow a program or feature through the Windows Firewall. Check the 
box for either or both network types or use Allow another program to locate its 
executable file and add it to the list. 



Windows Firewall Allowed Programs. (Screenshot used with permission from Microsoft.) 


WINDOWS DEFENDER SECURITY CENTER 

In Windows 10, you can turn the firewall on or off and access the configuration applets 
shown previously via the Firewall & network protection page in the Windows 
Defender Security Center. 


WINDOWS FIREWALL WITH ADVANCED SECURITY 


An add-in to the basic firewall (Windows Firewall with Advanced Security) allows 
configuration of outbound filtering, as well as IPsec connection security and additional 
monitoring tools. 

The Advanced Firewall can be configured through group policy on a domain; on a 
standalone PC or workgroup, open the wf.msc management console (or enter 
"firewall" at the Search box or use the Advanced settings link in the Windows Firewall 
Control Panel applet). On the status page, you can click Windows Firewall properties 
to configure each profile. The firewall can be turned on or off and you can switch the 
default rule for inbound and outbound traffic between Block and Allow. 


You can also set which network adapters are linked to a profile and configure logging. 


Windows Firewall with Advanced Security—Profile Settings. (Screenshot used with permission from 
Microsoft.) 


Note: Block stops traffic unless a specific rule allows it. Conversely, Allow accepts all 
traffic unless a specific rule blocks it. You can also use Block all connections to stop 
inbound connections regardless of the rules set up. 


Back in the main Advanced Firewall console, you enable, disable, and configure rules 
by clicking in the Inbound Rules or Outbound Rules folder as appropriate. Rules can 
be based on a number of triggers, including program, Windows Feature, service, 
protocol type, network port, and IP address range. 


Configuring Windows Firewall with Advanced Security. (Screenshot used with permission from 
Microsoft.) 


LOCATION AWARENESS 


Different Windows Firewall settings can be applied depending on the network to which 
the PC is connected. When Windows 7 detects a new network (wired, wireless, dial-up, 
or VPN), the Set Network Location dialog box is displayed. 


You can make the following choices: 

* Home—enables network discovery (the ability to contact other computers on the 
network) and the use of homegroups. 

* Work—enables network discovery. 

* Public—disables network discovery and file sharing. 


* Domain—you cannot choose this option, but if the computer is joined to a domain, 
then the firewall policy will be configured via Group Policy. 


Set Network Location dialog box. (Screenshot used with permission from Microsoft.) 


To change the location defined for a network, open the Network and Sharing Center. 
Click the network location label under the network name. 


In Windows 8 and Windows 10, the concept of home and work networks has been 
discarded. Networks are either public or private depending on whether you choose to 
enable discovery and file sharing or not. If the computer is joined to a domain, then the 
network type will be set to domain. 


Setting network location type in Windows 8. (Screenshot used with permission from Microsoft.) 


You can subsequently change the setting via the Settings app. 


BROWSER CONFIGURATION 


The browser has become one of the most important bits of software on a computer. 
As well as actual web browsing, it is frequently used as the interface for many types of 
web applications. The basic browser is also often extended by plug-ins that run other 
types of content. Internet Explorer (IE) used to be completely dominant in the browser 
market, but alternatives such as Google's Chrome™ and Mozilla's Firefox® now have 
substantial market share. This section describes the Internet Options applet for 
Internet Explorer®, but similar settings can be configured for other versions and 
browsers. 


Note: In fact, in Windows 10, the Internet Explorer browser is replaced by the Edge 
browser. IE is still available in Windows 10, but its use is deprecated. 


GENERAL TAB 


The main functions of the General tab are to configure home pages (pages that load 
when the browser is started) and manage browsing history. On a public computer, it is 
best practice to clear the browsing history at the end of a session. You can configure 
the browser to do this automatically. 


Internet Options—General tab. (Screenshot used with permission from Microsoft.) 


Note: You can also start an "In Private" mode session by pressing Ctrl+Shift+P. This 
mode disables browsing history, cookies, and browser toolbars and extensions. 


CONNECTIONS TAB AND PROXY SETTINGS 


The Connections tab sets the method Internet Explorer uses to connect to the 
Internet. 


* To use a dial-up connection, select either Dial whenever a network connection is 
not present or Always dial my default connection. You would typically select the 
former option for a laptop computer that connects via the LAN in the office but a 
modem elsewhere. If the connection selected in the Dial-up Settings box is not the 
default, click Set Default. 

* To use a router, you simply need to configure the Default gateway and DNS server 
parameters in TCP/IP properties for the local network adapter (though more 
typically, this would be configured automatically using DHCP). The browser will use 
this connection when you select Never dial a connection or Dial whenever a 
network connection is not present. 


Internet Options—Connections tab. (Screenshot used with permission from Microsoft.) 


On some networks, a proxy may be used to provide network connectivity. A proxy 
server can be used to improve both performance and security. User machines pass 
Internet requests to the proxy server, which forwards them to the Internet. The proxy 
may also cache pages and content that is requested by multiple clients, reducing 
bandwidth. The proxy may be able to autoconfigure the browser but if not, its address 
must be configured manually. Select the LAN Settings button to do this. 




Local Area Network (LAN) Settings dialog box. (Screenshot used with permission from Microsoft.) 

Note: In Windows 10, use the Settings—Network & Internet—Proxy configuration 
page. 


SECURITY TAB 
The Security tab is designed to prevent malicious content hosted on web pages from 
infecting the computer or stealing personal information. 




Internet Options—Security tab. (Screenshot used with permission from Microsoft.) 


There are lots of security settings, configuring things such as whether scripts and plug- 
ins are allowed to run or install, files to download, and so on. 


Internet Explorer operates a system of zones, each with different security settings. 
Everything off the local subnet is in the Internet zone by default; the user (or a 
domain's group policy) can add particular sites to the Trusted and Restricted zones as 
appropriate. The settings for a particular zone can also be changed using the Custom 
Level button. 


PRIVACY TAB 

The main function of the Privacy tab is to control sites' use of cookies. A cookie is a 
text file used to store session data. For example, if you log on to a site, the site might 
use a cookie to remember who you are. If the site is prevented from setting these 
cookies, it may not work correctly. On the other hand, a modern website might host 
components from many different domains. These components might try to set third- 
party cookies, most often to track pages you have been visiting and display relevant 
advertising at you. 


You can use the slider to set the default policy for the Internet zone and use the Sites 
button to always block or allow cookies from particular domains. 


The Privacy tab also allows you to configure the Pop-up Blocker, which prevents sites 
from spawning new windows through scripting. 


Internet Options—Privacy tab. (Screenshot used with permission from Microsoft.) 


PROGRAMS TAB 
You can use the Programs tab to check whether IE is the default browser. 




Internet Options—Programs tab. (Screenshot used with permission from Microsoft.) 

Click Set programs to open the Default Programs applet to make another browser 
the default. You can also manage add-ons from here. Add-ons are code objects that 
extend the functionality of the browser. Examples include toolbars, malware scanners, 
content players (such as Adobe® Flash® player), and document readers (such as PDF 
viewers). Manage add-ons lets you disable or uninstall these objects. 


ADVANCED TAB 
The Advanced tab contains settings that do not fit under any of the other tabs. 


Internet Options—Advanced tab. (Screenshot used with permission from Microsoft.) 


Some notable options include: 


* Disable certain types of content (pictures, for instance). 

* Enable a script debugger. 

* Enable or disable passive FTP. 

* Allow or prevent active content from running on local computer drives. 


You can also use this tab to completely reset the browser. 


Activity 7-5 


Discussing SOHO Network Security 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. True or false? A firewall can be configured to block hosts with selected IP 
address ranges from connecting to a particular TCP port on a server that is 
available to hosts in other IP address ranges. 


2. What sort of configuration options are available to apply parental controls, 
as opposed to packet filtering via a firewall? 


3. What security method could you use to allow only specific hosts to connect 
to a SOHO router/modem? 


4. A user wants to be able to access an FTP server installed on a computer on their 
home network from the Internet. The home network is connected to the Internet 
by a DSL router. 


How would you enable access? 


5. You are setting up a games console on a home network. 


What feature on the router will simplify configuration of online multiplayer 
gaming? 


6. True or false? To allow a PC game to accept incoming connections over a 
custom port you need to configure the Advanced Security Firewall. 


7. What option on the General tab of the Internet Options dialog box is most 
relevant to user privacy? 


8. How would you configure a Windows 7 computer to use a proxy server for 
web browsing? 


Topic D 


Configure Remote Access 


EXAM OBJECTIVES COVERED 
1001-2.1 Compare and contrast TCP and UDP ports, protocols, and their purposes. 
1002-1.5 Given a scenario, use Microsoft operating system features and tools. 
1002-1.8 Given a scenario, configure Microsoft Windows networking on a client/desktop. 
1002-4.9 Given a scenario, use remote access technologies. 


A remote access utility allows you to establish a session on another computer on the 
network. There are command-line and GUI remote access tools. These are very useful 
for technical support and troubleshooting. The fact that remote access is so useful 
shows how important it is that such tools be used securely. In this topic, you will learn 
about the features of different remote access tools and security considerations of 
using each one. 


WINDOWS REMOTE ACCESS TOOLS 


Windows comes with several remote access features. Two of the GUI remote tools are 
Remote Desktop and Remote Assistance. These use some of the same underlying 
technologies but suit different purposes. 


REMOTE DESKTOP 


Remote Desktop allows a remote user to connect to their desktop machine. The 
desktop machine functions as a terminal server and the dial-in machine as a Windows 
terminal. This allows the user to work as if physically connected to their workstation. 
This would ideally suit laptop users working from home with a slow link. Having gained 
access to the corporate network (via the Internet using a VPN, for example) they could 
then establish a remote desktop connection to their own office-based system. A 
technician can also use Remote Desktop to configure or troubleshoot a computer. 


Remote Desktop runs on TCP port 3389. 


Note: Windows Home editions do not include the Remote Desktop server so you cannot 
connect to them, but they do include the client so you can connect to other computers 
from them. 


REMOTE ASSISTANCE 

Remote Assistance allows a user to ask for help from a technician or co-worker. The 
"helper" can then connect and join the session with the user. This session can include 
an interactive desktop, whereby the helper can control the system of the user. 
Remote Assistance assigns a port dynamically from the ephemeral range (49152 to 
65535). This makes it difficult to configure through firewalls, but remote assistance is 
designed more for local network support anyway. 


REMOTE SETTINGS CONFIGURATION 


By default, Remote Assistance connections are allowed but Remote Desktop ones are 
not. To change these settings, open System Properties then click Remote settings. 


Configuring remote settings in Windows 7. (Screenshot used with permission from Microsoft.) 


You can choose between allowing older RDP clients to connect and requiring RDP 
clients that support Network Level Authentication (NLA). NLA protects the computer 
against Denial of Service attacks. Without NLA, the system configures a desktop before 
the user logs on. A malicious user can create multiple pending connections in an 
attempt to crash the system. NLA authenticates the user before committing any 
resources to the session. 


RDP authentication and session data is always encrypted. This means that a malicious 
user with access to the same network cannot intercept credentials, or interfere with or 
capture anything transmitted during the session. 


Click the Select (Remote) Users button to define which users can connect remotely. 
Users in the local administrators group already have this property. You can select from 
members of the local accounts database or from the domain of which your machine is 
a member. 


Note: The biggest limitation of Remote Desktop on Windows is that only one person can 
be logged in to the machine at once, so once you log in using Remote Desktop, the 
monitor at the local computer will go to the login screen. If a local user logs in, the 
remote user will be disconnected. Remote Desktop is not really a remote diagnostic and 
troubleshooting tool as much as a management tool. 


REMOTE CREDENTIAL GUARD 


If Remote Desktop is used to connect to a machine that has been compromised by 
malware, the credentials of the user account used to make the connection become 
highly vulnerable. RDP Restricted Admin (RDPRA) Mode and Remote Credential 
Guard are means of mitigating this risk. You can read more about these technologies 
at docs.microsoft.com/en-us/windows/security/identity-protection/remote-credential-guard. 


THE REMOTE ASSISTANCE PROCESS 


A request for remote assistance is made using the Windows Remote Assistance tool. 
You can send an invitation as a file, via email, or using Easy Connect. The tool will 
generate a password and a connection file for you to transmit to the helper. 


To provide assistance, open the invitation file and enter the password and wait for the 
user to accept the offer of assistance. When the offer is accepted, a remote desktop 
window is opened with an additional chat tool that you can use to communicate with 
the user. 


Remote Assistance sessions are encrypted using the same technologies as RDP. 




Using Remote Assistance. (Screenshot used with permission from Microsoft.) 


REMOTE DESKTOP 


To connect to a server via Remote Desktop, from the Communications menu in 
Accessories, open the Remote Desktop Connection shortcut, or run mstsc at a 
command prompt or the Run dialog box or Instant Search box. Enter the server's 
computer name or IP address to connect. The server can be installed with a certificate 
to identify it securely. 


Remote Desktop Connection client. (Screenshot used with permission from Microsoft.) 


You will need to define logon credentials. To specify a domain or computer account, 
use the format ComputerOrDomainName\UserName. In addition, you might need to 
define display properties. You can use either full screen or some windowed display. 
Also, you can configure the quality of the color scheme. The Local Resources tab 
allows you to define how key combinations (such as Alt+Tab) function—that is, will 
they affect the local computer, the remote computer, or the remote computer in full 
screen mode. Because the connection may be over a slow link, such as dial-up, you can 
configure optimization based on the line speeds (modem, LAN, and so on). This affects 
bitmap caching and video options. 


Once you have your remote desktop connection established, you can work quite 
normally, as if physically adjacent to the target machine—but be aware that no one 
else can use the target system while in remote mode. The system becomes locked and 
can be unlocked by the administrator or the remotely connected user only. 


REMOTE ACCESS TECHNOLOGIES 


Remote Desktop and Remote Assistance are technologies for Windows networks. 
There are versions of the mstsc client software for Linux®, macOS®, iOS®, and 
Android™ so you can use devices running those operating systems to connect to an 
RDP server running on a Windows machine. 


Other protocols and software tools are available for accepting incoming connections to 
non-Windows devices. 


TELNET 


Telnet is a command-line terminal emulation protocol and program. The host server 
runs a Telnet daemon listening for connections on TCP port 23. The client system runs 
a Telnet program to send commands to the daemon. When you connect, your 
computer acts as if your keyboard is attached to the remote computer and you can use 
the same commands as a local user. 


Note: Telnet sends all messages in clear text. Anyone able to intercept ("sniff") network 
traffic would be able to see the passwords for accounts. 


If you enter telnet at a command prompt, some of the basic commands you can 
use are listed in the following table. 


Command          Use 

open Host Port   Starts a session with the host on that port. Host can be a host 
                 name, FQDN, or IP address. 

?                Displays help. 

status           Check session status. 

close            Ends the current session. 

quit             Exits the telnet prompt. 


Telnet is sometimes still used for troubleshooting services such as SMTP or HTTP. For 
example, to connect to an SMTP server at the IP address 192.168.1.2, you would enter 
telnet 192.168.1.2 25. 




Telnet session with an SMTP server. (Screenshot used with permission from Microsoft.) 


Another application of Telnet is router or switch configuration. The Telnet application is 
used to connect to the Telnet Daemon on the router and then command-line 
instructions can be issued to configure it. 


Note: Telnet is not installed by default in Windows. You can add it using Programs and 
Features. On a Windows network, you are more likely to use Windows Remote Shell 
(WinRS), which has better functionality and security features. 


SSH 


Secure Shell (SSH) is designed to replace unsecure administration and file copy 
programs such as Telnet and FTP. SSH uses TCP port 22 (by default). SSH uses 
encryption to protect each session. There are numerous commercial and open source 
SSH products available for all the major OS platforms (UNIX, Linux, Windows, and 
macOS). 

SSH servers are identified by a public/private key pair (the host key). A mapping of host 
names to public keys can be kept manually by each SSH client or there are various 
enterprise software products designed for SSH key management. 




Confirming the SSH server's host key. (Screenshot used with permission from Microsoft.) 
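
The host-name-to-public-key mapping described above can be checked mechanically. The following is an added example, not part of the course text: it assumes the cache uses the OpenSSH known_hosts line format (plain and hashed host fields), and every key, salt, and host name in it is constructed sample data.

```python
import base64
import hashlib
import hmac


def ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (4-byte length + data)."""
    return len(data).to_bytes(4, "big") + data


def b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def sha256_fingerprint(key_blob: bytes) -> str:
    """Fingerprint in the 'SHA256:<base64 without padding>' form."""
    return "SHA256:" + b64(hashlib.sha256(key_blob).digest()).rstrip("=")


def hashed_host(host: str, salt: bytes) -> str:
    """Build a hashed host field: |1|salt|HMAC-SHA1(key=salt, msg=host)."""
    mac = hmac.new(salt, host.encode("utf-8"), hashlib.sha1).digest()
    return "|1|%s|%s" % (b64(salt), b64(mac))


def host_matches(pattern: str, host: str) -> bool:
    """Match a plain or hashed host field (wildcard patterns are not handled)."""
    if not pattern.startswith("|1|"):
        return pattern == host
    try:
        _, _, salt_b64, mac_b64 = pattern.split("|")
        salt, expected = base64.b64decode(salt_b64), base64.b64decode(mac_b64)
    except ValueError:
        return False
    actual = hmac.new(salt, host.encode("utf-8"), hashlib.sha1).digest()
    return hmac.compare_digest(actual, expected)


def load_known_hosts(text: str):
    """Yield (host_fields, key_type, key_blob) for each usable cache line."""
    for line in text.splitlines():
        fields = line.split()
        # Skip blanks, comments and @cert-authority/@revoked marker lines.
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        try:
            blob = base64.b64decode(fields[2], validate=True)
        except ValueError:
            continue  # damaged entry: never treat it as a trusted key
        yield fields[0].split(","), fields[1], blob


def check_host_key(cache_text: str, host: str, key_type: str, presented: bytes) -> str:
    """Return 'match', 'mismatch' or 'unknown' for the key a server presents."""
    host_seen = False
    for patterns, cached_type, cached_blob in load_known_hosts(cache_text):
        if cached_type != key_type:
            continue
        if not any(host_matches(p, host) for p in patterns):
            continue
        host_seen = True
        if hmac.compare_digest(cached_blob, presented):
            return "match"
    # A cached host presenting a different key is the case that must not be
    # accepted silently; an unknown host needs out-of-band fingerprint checks.
    return "mismatch" if host_seen else "unknown"


# Constructed sample keys: fixed bytes in Ed25519 wire format, not real keys.
PINNED_KEY = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
OTHER_KEY = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(1, 33)))
SALT = b"constructed-salt-000"

# Constructed sample cache: one plain entry and one hashed entry.
KNOWN_HOSTS = "\n".join([
    "# constructed sample cache",
    "files.example.test,192.0.2.10 ssh-ed25519 " + b64(PINNED_KEY),
    hashed_host("backup.example.test", SALT) + " ssh-ed25519 " + b64(PINNED_KEY),
])

if __name__ == "__main__":
    for name, key in [("files.example.test", PINNED_KEY),
                      ("192.0.2.10", OTHER_KEY),
                      ("new.example.test", PINNED_KEY)]:
        verdict = check_host_key(KNOWN_HOSTS, name, "ssh-ed25519", key)
        print(name, sha256_fingerprint(key), verdict)
```

An "unknown" result corresponds to the prompt in the figure above: the fingerprint should be confirmed through a separate trusted channel before the key is cached.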


SSH CLIENT AUTHENTICATION 

The server's host key is used to set up a secure channel to use for the client to submit 
authentication credentials. SSH allows various methods for the client to authenticate to 
the SSH server. Each of these methods can be enabled or disabled as required on the 
server: 


* Username/password—the client submits credentials that are verified by the SSH 
server either against a local user database or using an authentication server. 

* Kerberos—this allows Single Sign On (SSO) on a network that runs the Kerberos 
authentication protocol. Windows Active Directory domain networks use Kerberos. 

* Host-based authentication—the server is configured with a list of authorized client 
public keys. The client requests authentication using one of these keys and the 
server generates a challenge with the public key. The client must use the matching 
private key it holds to decrypt the challenge and complete the authentication 
process. This provides non-interactive login but there is considerable risk from 
intrusion if a client host's private key is compromised. 


Note: With host-based authentication, managing valid client public keys is a critical 
security task. Many recent attacks on web servers have exploited poor key 
management. 


* Public key authentication—host-based authentication cannot be used with 
fine-grained access controls as the access is granted to a single user account. The same 
sort of public key authentication method can be used for each user account. The 
user's private key can be configured with a passphrase that must be input to access 
the key, providing an additional measure of protection compared to host-based 
authentication. 
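
Because each method can be enabled or disabled on the server, it is useful to audit what a configuration actually permits. The following is an added example, not part of the course text: it assumes the server is OpenSSH, uses that product's sshd_config directives and upstream defaults, and maps the Kerberos single sign-on method to GSSAPIAuthentication. The sample configuration is constructed.

```python
import re

# sshd_config directive -> (method name used in the list above, OpenSSH default).
METHODS = {
    "passwordauthentication": ("username/password", "yes"),
    "gssapiauthentication": ("Kerberos (GSSAPI)", "no"),
    "hostbasedauthentication": ("host-based", "no"),
    "pubkeyauthentication": ("public key", "yes"),
}

# Keyword, then either whitespace or a single '=', then the arguments.
DIRECTIVE = re.compile(r"([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*)$")


def parse_directive(line):
    """Return (lower-cased keyword, argument string), or None for non-directives."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    found = DIRECTIVE.match(line)
    if not found:
        return None
    return found.group(1).lower(), found.group(2).strip()


def audit_auth_methods(config_text):
    """Return (effective global settings, list of Match-block overrides).

    Keywords are case-insensitive and, for each keyword, the first value
    obtained is the one used, so a later duplicate does not change the result.
    Include files are not followed in this example.
    """
    effective = {key: default for key, (_, default) in METHODS.items()}
    decided = set()
    overrides = []
    scope = None  # None while in the global section, else the Match criteria
    for raw in config_text.splitlines():
        parsed = parse_directive(raw)
        if parsed is None:
            continue
        key, value = parsed
        if key == "match":
            scope = value
            continue
        setting = value.split()[0].lower() if value else ""
        if key not in METHODS or setting not in ("yes", "no"):
            continue
        if scope is not None:
            overrides.append((scope, key, setting))
        elif key not in decided:
            decided.add(key)
            effective[key] = setting
    return effective, overrides


def risk_notes(config_text):
    """Flag host-based authentication and Match blocks that re-enable a method."""
    effective, overrides = audit_auth_methods(config_text)
    notes = []
    if effective["hostbasedauthentication"] == "yes":
        notes.append("host-based authentication is enabled globally")
    for scope, key, setting in overrides:
        if setting == "yes" and effective[key] == "no":
            notes.append("Match %s enables %s authentication" % (scope, METHODS[key][0]))
    return notes


# Constructed sample configuration, not taken from a real server.
SAMPLE_CONFIG = """\
# Constructed sample
PubkeyAuthentication yes
passwordauthentication no
PasswordAuthentication yes
HostbasedAuthentication=no
Match Address 192.0.2.0/24
    HostbasedAuthentication yes
"""

if __name__ == "__main__":
    settings, _ = audit_auth_methods(SAMPLE_CONFIG)
    for key, (label, _) in METHODS.items():
        print("%-20s %s" % (label, settings[key]))
    for note in risk_notes(SAMPLE_CONFIG):
        print("NOTE:", note)
```

In the sample, the second PasswordAuthentication line has no effect because the first value wins, and the Match block quietly turns host-based authentication back on for one address range.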


SCREEN SHARING AND VNC 


In macOS, you can use the Screen Sharing feature for remote desktop functionality. 
Screen Sharing is based on Virtual Network Computing (VNC). You can use any VNC 
client to connect to a Screen Sharing server. 


VNC itself is a freeware product with similar functionality to RDP. It works over TCP 
port 5900. Freeware versions of VNC provide no connection security and so should 
only be used over a secure connection, such as a VPN. However, there are commercial 
products packaged with encryption solutions. macOS Screen Sharing is encrypted. 


FILE SHARE 


Setting up a network file share can be relatively complex. You need to select a file 
sharing protocol that all the connecting hosts can use, configure permissions on the 
share, and provision user accounts that both the server and client recognize. 
Consequently OS vendors have developed other mechanisms for simple file sharing 
between devices. 


* AirDrop®—supported by Apple iOS and macOS, this uses Bluetooth® to establish a 
Wi-Fi Direct connection between the devices for the duration of the file transfer. The 
connection is secured by the Bluetooth pairing mechanism and Wi-Fi encryption. 

* Near Share—Microsoft's version of AirDrop. Near Share was introduced in Windows 
10 (1803), partly replacing the previous Homegroup feature. 


There are plenty of third-party and open source alternatives to AirDrop. 


Although the products have security mechanisms, there is the potential for misuse of 
features such as this. Users accepting connections from any source could receive 
unsolicited transfer requests. It is best only to accept requests from known contacts. 
The products can be subject to security vulnerabilities that allow unsolicited transfers. 


Activity 7-6 


Discussing Remote Access Configuration 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Which edition(s) of Windows support connecting to the local machine over 
Remote Desktop? 


2. What is the goal of RDP Restricted Admin (RDPRA) Mode and Remote 
Credential Guard? 


3. True or false? SSH is not available for use with Windows. 


4. How can you confirm that you are connecting to a legitimate SSH server? 


Topic E 


Troubleshoot Network Connections 


EXAM OBJECTIVES COVERED 
1001-2.8 Given a scenario, use appropriate networking tools. 
1001-5.7 Given a scenario, troubleshoot common wired and wireless network problems. 
1002-1.4 Given a scenario, use appropriate Microsoft command line tools. 
1002-3.1 Given a scenario, troubleshoot Microsoft Windows OS problems. 


As a CompTIA A+ technician, you will be expected to be able to troubleshoot basic 
network connectivity issues. At this support level, you will be focusing on client issues. 
As you have learned, networks are complex and involve many different hardware 
devices, protocols, and applications, meaning that there are lots of things that can go 
wrong! In this topic you will learn how to identify and diagnose the causes of some 
common wired and wireless network issues. 


COMMON WIRED NETWORK CONNECTIVITY ISSUES 


When troubleshooting a network issue, it is often a good idea to rule out any problem 
with connectivity at the hardware layer. If a single host is unable to connect to the 
network, the first thing you should check is whether the network cable is properly 
connected. If the problem is not that obvious, then there are a few other tools you can 
use to diagnose a problem with network hardware (adapters and cabling). 


TROUBLESHOOTING WIRED CONNECTIVITY 


To diagnose a cable problem, perform a basic local connectivity test using the ping 
utility (discussed later) with a known working system on the local subnet. If you can 
ping another local system, the problem is not in the cabling (at least, not this cable). 


If you can't ping anything then, assuming you've physically checked the back of the 
machine for the cable's presence, verify that the patch cord is good. The easiest thing 
to do is swap the patch cord to the wall socket with another—known working—cable. 


Can you ping anything now? If not, verify the patch cord between the patch panel and 
the switch. Swap with another known good cable and test again. If this still fails, try 
connecting a different host to the network port. If the other host connects, suspect a 
problem with the network adapter in the original host. Use Device Manager to verify that 
the adapter's link properties are set correctly (typically to autonegotiate). If there is no 
configuration issue, swap the network adapter with a known good one and re-test. 


Note: The link LEDs on network adapter and switch ports will indicate whether the link is 
active and possibly at what speed the link is working. The LEDs typically flicker to show 
network activity. 


If you still haven't isolated the problem, try plugging the problem computer into a 
different network port. By testing from different ports, you should be able to establish 
the scope of the problem and the likely location of the fault. Eventually, through the 
process of substituting working components for suspect components, you should 
resolve the cable problem. Remember that if several users have the problem, you 
should check the switch in this way too. 


Note: If you have suitable tools, you can use them in place of substituting and 
transposing devices. For example, a loopback plug can be used to test whether a port is 
working (and therefore indicate that the problem is with the cable). 


Problems with patch cords are simple as you can just throw the broken one away and 
plug in a new one. If the problem is in the structured cabling, however, you will want to 
use cable testing tools to determine its cause, especially if the problem is intermittent 
(that is, if the problem comes and goes). The solution may involve installing a new 
permanent link, but there could also be a termination or external interference 
problem. 


TROUBLESHOOTING SLOW TRANSFER SPEEDS 


The transfer speed of a cabled link could be reduced if the network equipment is not 
all working to the highest available standard. Check the configuration of the network 
adapter driver (via Device Manager) and the setting for the switch port (via the switch's 
management software). Slow transfer speeds can be caused by a variety of other 
problems and can be very difficult to diagnose. 


* There may be congestion at a switch or router or some other network-wide 
problem. This might be caused by a fault or by user behavior, such as transferring a 
very large amount of data over the network. 

* There could be a problem with the network adapter driver. 

* The computer could be infected with malware. 

* The network cabling could be affected by interference. This could be from an 
external source but check the ends of cables for excessive untwisting of the wire 
pairs as poor termination is a common cause of problems. 


COMMON WIRELESS NETWORK CONNECTIVITY ISSUES 


When troubleshooting wireless networks, as with cabled links, you need to consider 
problems with the physical media, such as interference and configuration issues. 


The Radio Frequency (RF) signal from radio-based devices weakens considerably as 
the distance between the devices increases. If you experience slow transfer speeds or 
you cannot establish a connection, try moving the devices closer together. If you still 
cannot obtain a connection, check that the security and authentication parameters are 
correctly configured on both devices. 


TROUBLESHOOTING WIRELESS CONFIGURATION ISSUES 


If a user is looking for a network name that is not shown in the list of available wireless 
networks (SSID not found), the user could be out of range or broadcast of the SSID 
name might be suppressed. In the latter scenario, the connection to the network name 
must be configured manually. 


Another factor to consider is standards mismatch. Choosing a compatibility mode for 
an access point will reduce the features available (no WPA for 802.11b compatibility, 
for instance). If an access point is not operating in compatibility mode, it will not be 
able to communicate with devices that only support older standards. Also, when an 
older device joins the network, the performance of the whole network can be affected. 
To support 802.11b clients, an 802.11b/n access point must transmit legacy frame 
preamble and collision avoidance frames, adding overhead. If at all possible, upgrade 
802.11b devices rather than letting them join the WLAN. 802.11g and 802.11n are more 
compatible in terms of negotiating collision avoidance. In a mixed 802.11g/n WLAN, 
performance of the 802.11n devices operating in the 2.4 GHz band is only likely to be 
severely impacted when 802.11g devices perform large file transfers. As these take 
longer to complete, there is less "airtime" available for the 802.11n clients. 

Note: With 802.11n dual-band APs operating in mixed mode or with 802.11ac, it is 
typical to assign the 2.4 GHz band to support legacy clients. The 5 GHz band can be 
reserved for 802.11n or 802.11ac clients and bonded channels can be configured. 


Also consider that not all clients supporting 802.11n have dual band radios. If a client 
cannot connect to a network operating on the 5 GHz band, check whether its radio is 
2.4 GHz-capable only. 


LOW RF SIGNAL/RSSI 


A wireless adapter will be configured to drop the connection speed if the Received 
Signal Strength Indicator (RSSI) is not at a minimum required level. The RSSI is an 
index level calculated from the signal strength level. For example, an 802.11n adapter 
might be capable of a 144 Mbps data rate with an optimum signal, but if the signal is 
weak it might drop to a 54 Mbps or 11 Mbps rate to make the connection more 
reliable. If the RSSI is too low, the adapter will drop the connection entirely and try to 
use a different network. If there are two fairly weak networks, the adapter might "flap" 
between them. Try moving to a location with better reception. 


TROUBLESHOOTING WIRELESS SIGNAL ISSUES 

If a device is within the supported range but the signal is very weak or you can only get 
an intermittent connection, there is likely to be interference from another radio 
source broadcasting at the same frequency. If this is the case, try adjusting the channel 
that the devices use. Another possibility is interference from a powerful 
electromagnetic source, such as a motor or microwave oven. Finally, there might be 
something blocking the signal. Radio waves do not pass easily through metal or dense 
objects. Construction materials such as wire mesh, foil-backed plasterboard, concrete, 
and mirrors can block or degrade signals. Try angling or repositioning the device or 
antenna to try to get better reception. 


Note: The ideal position for an access point is high up and in the center of the area it is 
supposed to serve. 


Surveying Wi-Fi networks using inSSIDer. 

Wi-Fi Analyzer software, such as inSSIDer, is designed to support a site survey, to 
identify nearby networks that may be causing interference problems, and to measure 
signal strength. You can use a Wi-Fi Analyzer for troubleshooting, too. It shows the 
signal strength, measured in dBm. This can also be expressed as a percentage; for 
example, -35 dBm or better would represent the best possible signal at 100%, -90 dBm 
or worse would represent 1%, and -65 dBm would represent 50% signal strength. 


The analyzer will also show how many networks are utilizing each channel. Setting the 
network to use a less congested channel can improve performance. 


IP CONFIGURATION ISSUES 


If a host does not have an appropriate IP configuration for the network that it is 
connected to, it will not be able to communicate with other hosts, even if the physical 
connection is sound. There are a number of command-line tools for testing and 
troubleshooting the IP configuration. 


VIEWING IP CONFIGURATION (ipconfig) 

In Windows, IP configuration information is displayed through the adapter's status 
dialog (Windows 7/8) or Windows Settings (Windows 10). You can also view this 
information at a command line using the ipconfig tool. Used without switches, 
ipconfig displays the IP address, subnet mask, and default gateway (router) for all 
network adapters to which TCP/IP is bound. Typical ipconfig switches and arguments 
are as follows. 


Switch                            Description 

ipconfig /all                     Displays detailed configuration, including 
                                  DHCP and DNS servers, MAC address, and 
                                  NetBIOS status. 

ipconfig /release AdapterName     Releases the IP address obtained from a 
                                  DHCP server so that the network adapter(s) 
                                  will no longer have an IP address. 

ipconfig /renew AdapterName       Forces a DHCP client to renew the lease it has 
                                  for an IP address. 

ipconfig /displaydns              Displays the DNS resolver cache. This contains 
                                  host and domain names that have been 
                                  queried recently. Caching the name-to-IP 
                                  mappings reduces network traffic. 

ipconfig /flushdns                Clears the DNS resolver cache. 


Note that omitting the AdapterName argument releases or renews all adapters. If 
AdapterName contains spaces, use quotes around it (for example, 
ipconfig /renew "Local Area Connection"). 


TROUBLESHOOTING WITH ipconfig 
You would use ipconfig to determine whether the adapter has been correctly 
configured. ipconfig can resolve the following questions: 


* Is the adapter configured with a static address? Are the parameters (IP address, 
subnet mask, default gateway, and DNS server) correct? 

* Is the adapter configured by DHCP? If so: 

  * An address in the range 169.254.x.y indicates that the client could not contact a 
  DHCP server and is using Automatic Private IP Addressing (APIPA). If this is the 
  case, Windows will display a yellow alert icon and a notification that the adapter 
  has only Limited connectivity. 

  * A DHCP lease can be static (always assigns the same IP address to the computer) 
  or dynamic (assigns an IP address from a pool)—has the computer obtained a 
  suitable address and subnet mask? 

  * Are other parameters assigned by DHCP correct (default gateway, DNS servers, 
  and so on)? 


Using ipconfig. (Screenshot used with permission from Microsoft.) 


If any of these results are negative, you should investigate either communications 
between the client and the DHCP server, the configuration of the DHCP server, or 
whether multiple DHCP servers are running on the network (and the client has 
obtained the wrong configuration from one). 
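
The checks listed above can be run mechanically over saved ipconfig /all output. The following is an added example, not part of the course material; the sample output is constructed and the function names parse_adapters and triage are hypothetical. It handles IPv4 fields only.

```python
import ipaddress
import re

# Constructed sample of `ipconfig /all` output for two adapters (not from the page).
SAMPLE = r"""
Windows IP Configuration

Ethernet adapter Ethernet:

   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration IPv4 Address. . : 169.254.17.42(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :

Ethernet adapter Lab:

   DHCP Enabled. . . . . . . . . . . : No
   IPv4 Address. . . . . . . . . . . : 10.1.0.131(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.1.1.254
   DNS Servers . . . . . . . . . . . : 10.1.0.1
"""

APIPA = ipaddress.ip_network("169.254.0.0/16")
# "   Key . . . . : value" -> ("Key", "value"); the dot leaders are discarded.
FIELD = re.compile(r"^\s+(.*?)[\s.]*:\s*(.*)$")


def parse_adapters(text):
    """Return {adapter heading: {field name: value}} from ipconfig /all text."""
    adapters, current = {}, None
    for line in text.splitlines():
        # Adapter headings start in column 0 and end with a colon.
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            current = adapters.setdefault(line.rstrip()[:-1], {})
            continue
        match = FIELD.match(line)
        if current is not None and match:
            # Drop suffixes such as "(Preferred)" from address values.
            value = re.sub(r"\(.*\)$", "", match.group(2)).strip()
            current[match.group(1)] = value
    return adapters


def triage(fields):
    """Apply the ipconfig questions to one adapter and list what is wrong."""
    addr = fields.get("IPv4 Address") or fields.get("Autoconfiguration IPv4 Address")
    if not addr:
        return ["no-ipv4-address"]
    mask = fields.get("Subnet Mask", "255.255.255.255")
    iface = ipaddress.ip_interface(f"{addr}/{mask}")
    findings = []
    if iface.ip in APIPA:
        # 169.254.x.y: the client could not contact a DHCP server.
        findings.append("apipa")
    gateway = fields.get("Default Gateway", "")
    if not gateway:
        findings.append("no-default-gateway")
    elif ipaddress.ip_address(gateway) not in iface.network:
        # A gateway outside the local subnet cannot be reached directly.
        findings.append("gateway-off-subnet")
    if not fields.get("DNS Servers"):
        findings.append("no-dns-server")
    return findings


if __name__ == "__main__":
    for name, fields in parse_adapters(SAMPLE).items():
        print(name, "->", triage(fields) or "ok")
```
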


ifconfig 


UNIX and Linux hosts provide a command called ifconfig, which provides similar 
output to Windows' ipconfig program. Note some differences between the Windows 
and Linux commands: 


* ifconfig can also be used to bind an address to an adapter interface, set up 
communication parameters, and enable or disable the adapter. 

* The Windows switches for configuring the adapter with DHCP and DNS are not 
supported by ifconfig. 

* The ifconfig command output does not show the default gateway (use route 
instead). It does show traffic statistics, though. 


Using ifconfig. (Screenshot used with permission from Microsoft.) 


Note: Additionally, a separate command (iwconfig) is used to manage wireless 
interfaces. Note that both these commands are deprecated in favor of the newer ip and 
iw utilities. 


IP CONNECTIVITY ISSUES 


If the link and IP configuration both seem to be correct, the problem may not lie with 
the local machine but somewhere in the overall network topology. You can test 
connections to servers such as file shares, printers, or email by trying to use them. 
One drawback of this method is that there could be some sort of application fault 
rather than a network fault. Therefore, it is useful to have a low-level test of basic 
connectivity that does not have any dependencies other than a working link and IP 
configuration. 


ping 

The ping utility is a command-line diagnostic tool used to test whether a host can 
communicate with another host on the same network or on a remote network. It is the 
basic tool to use to establish that a link is working. ping uses the Internet Control 
Message Protocol (ICMP) to request status messages from hosts. The following steps 
outline the procedures for verifying a computer's configuration and for testing router 
connections: 


1. Ping the loopback address to verify TCP/IP is installed and loaded correctly 
(ping 127.0.0.1)—the loopback address is a reserved IP address used for 
testing purposes. 


2. Ping the IP address of your workstation to verify it was added correctly and to 
check for possible duplicate IP addresses. 


3. Ping the IP address of the default gateway to verify it is up and running and that 
you can communicate with a host on the local network. 

4. Ping the IP address of a remote host to verify you can communicate through the 
router. If no router is available, Windows will display a yellow alert icon and a 
notification that the adapter has No Internet access. 


Troubleshooting with ping. 


If ping is successful, it responds with the message Reply from IP Address and the 
time it takes for the server's response to arrive. The millisecond measures of Round 
Trip Time (RTT) can be used to diagnose latency problems on a link. 


If ping is unsuccessful, one of two messages are commonly received: 


* Destination unreachable—there is no routing information (that is, the local 
computer or an intermediate router does not know how to get to that IP address). If 
the host is on the same network, check the local IP configuration—IP address, 
subnet mask, and so on. If you can discount any configuration error, then there may 
be a hardware or cabling problem. If the host is on another network, check the IP 
configuration and router. 

* No reply (Request timed out)—the host is unavailable or cannot route a reply 
back to your computer. Check physical cabling and infrastructure devices such as 
the switch. If the host is on a remote network, try using tracert (described 
shortly). 


Note: Be aware that ICMP traffic is often blocked by firewalls, making a response such as 
request timed out or destination unreachable inevitable. As well as network firewalls, 
consider that a host firewall, such as Windows Firewall, might be blocking ICMP. 
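
The four-step sequence and the two failure messages can be evaluated from saved ping transcripts. This is an added example, not part of the course material: the transcripts are constructed (using the addresses from the figure) and the function names are hypothetical. It reads the per-probe lines rather than the statistics line, because Windows counts an ICMP "unreachable" reply as a received packet and so reports 0% loss for a failed test.

```python
import re

STEPS = ("loopback", "own address", "default gateway", "remote host")


def _transcript(target, probe_line, received):
    """Build a constructed two-probe Windows ping transcript."""
    lost = 2 - received
    return (f"Pinging {target} with 32 bytes of data:\n"
            f"{probe_line}\n{probe_line}\n\n"
            f"Ping statistics for {target}:\n"
            f"    Packets: Sent = 2, Received = {received}, "
            f"Lost = {lost} ({lost * 50}% loss),\n")


# Constructed samples: three successful steps, one routing failure, one timeout.
LOOPBACK = _transcript("127.0.0.1", "Reply from 127.0.0.1: bytes=32 time<1ms TTL=128", 2)
OWN = _transcript("192.168.1.20", "Reply from 192.168.1.20: bytes=32 time<1ms TTL=128", 2)
GATEWAY = _transcript("192.168.1.1", "Reply from 192.168.1.1: bytes=32 time=2ms TTL=64", 2)
REMOTE = _transcript("192.168.42.30", "Reply from 192.168.1.1: Destination net unreachable.", 2)
TIMED_OUT = _transcript("192.168.1.200", "Request timed out.", 0)

REPLY = re.compile(r"^Reply from (\S+): bytes=\d+ time[<=](\d+)ms TTL=\d+", re.M)
UNREACHABLE = re.compile(r"Destination (?:host|net) unreachable", re.I)
TIMEOUT = re.compile(r"^Request timed out\.", re.M)

ADVICE = {
    "unreachable": "No routing information: check the local IP configuration, then the router.",
    "timeout": "Host unavailable or reply not routed back: check cabling and the switch, "
               "use tracert for a remote host, and rule out a firewall blocking ICMP.",
}


def classify(output):
    """Return (verdict, round-trip times in ms) from the per-probe lines."""
    rtts = [int(ms) for _, ms in REPLY.findall(output)]
    if rtts:
        return "reply", rtts
    if UNREACHABLE.search(output):
        return "unreachable", []
    if TIMEOUT.search(output):
        return "timeout", []
    return "unknown", []


def reported_loss(output):
    """Percentage loss as printed in the statistics line (can be misleading)."""
    match = re.search(r"\((\d+)% loss\)", output)
    return int(match.group(1)) if match else None


def first_failure(transcripts):
    """Walk the transcripts in STEPS order; return (step, verdict) or None."""
    for step, output in zip(STEPS, transcripts):
        verdict, _ = classify(output)
        if verdict != "reply":
            return step, verdict
    return None


if __name__ == "__main__":
    failure = first_failure([LOOPBACK, OWN, GATEWAY, REMOTE])
    print(failure, "-", ADVICE.get(failure[1], "") if failure else "all steps passed")
    print("statistics line reports", reported_loss(REMOTE), "% loss")
```
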


TESTING DNS 


You can also ping DNS names (ping comptia.org, for example) or FQDNs 
(ping sales.comptia.org, for instance). This will not work if a DNS server is 
unavailable. Use the -a switch to perform a reverse lookup on an IP address to try to 
get the host name. For example, ping -a 192.168.1.1 should return the 
message "Pinging HostName [192.168.1.1]." 


TROUBLESHOOTING AN IP CONFLICT 


Two systems could end up with the same IP address because of a configuration error; 
perhaps both addresses were statically assigned or one was assigned an address that 
was part of a DHCP scope by mistake. If Windows detects a duplicate IP address, it will 
display a warning and disable IP. If there are two systems with duplicate IPs, a sort of 
"race condition" will determine which receives traffic. Obviously, this is not a good way 
for the network to be configured and you should identify the machines and set them to 
use unique addresses. 


ROUTING ISSUES 


The tracert command-line utility is used to trace the route a packet of information 
takes to get to its target. Like ping, it uses ICMP status messages. For example, a user 
might type the following: tracert 10.0.0.1. This command would return details 
of the route taken to find the machine or device with the IP address of 10.0.0.1. 


tracert can also be used with a domain name or FQDN, such as: tracert 
comptia.org. 


Using tracert—the first trace to a local private network has failed but the trace over the Internet to 
gtslearning.com's web server has succeeded, passing first through the SOHO router then through the 
routers belonging to the user's ISP, then the routers belonging to the web host. (Screenshot used with 
permission from Microsoft.) 


If the host cannot be located, the command will eventually timeout but it will return 
every router that was attempted. The output shows the number of hops (when a 
packet is transferred from one router to another), the ingress interface of the router or 
host (that is, the interface from which the router receives the ICMP packet), and the 
time taken to respond to each probe in milliseconds (ms). If no acknowledgement is 
received within the timeout period, an asterisk is shown against the probe. 


Note: ping and tracert use Internet Control Message Protocol (ICMP) traffic. A 
firewall may be configured to block this traffic to prevent network snooping. 


UNAVAILABLE RESOURCES 


If you cannot identify a problem with the cabling, switches/routers, or the IP 
configuration, you should start to suspect a problem at a higher layer of processing. 
There are three main additional "layers" where network services fail: 

* Security—a firewall or other security software or hardware might be blocking the 
connection. 

* Name resolution—if a service such as DNS is not working, you will be able to 
connect to file/print/email services by IP address but not by name. 

* Application/OS—the software underpinning the service might have failed. If the OS 
has failed, there might not be any sort of connectivity to the host server. If the 
server can be contacted, but not a specific service, the service process might have 
crashed. 


When troubleshooting Internet access or unavailable local network resources, such as 
file shares, network printers, and email, try to establish the scope of the problem. If 
you can connect to these services using a different host, the problem should lie with 
the first client. If other hosts cannot connect, the problem lies with the application 
server or print device or with network infrastructure between the client and the server. 


TROUBLESHOOTING INTERNET AVAILABILITY 

When Windows reports that a network adapter has "No Internet access," it means that 
the IP configuration is valid but that Windows cannot identify a working Internet 
connection. Windows tests Internet access by attempting a connection to 
www.msftncsi.com and checking that DNS resolves the IP address correctly. 


If the local PC settings are correct, locate your ISP's service status page or support 
helpline to verify that there are no wider network issues or DNS problems that might 
make your Internet connection unavailable. If there are no ISP-wide issues, try 
restarting the router/modem. 


Note: Do not restart a router without considering the impact on other users! 


If these measures don't help, also consider that there might be some sort of security 
issue, such as a proxy configuration not working or a firewall blocking the host. 


PERFORMING A NETWORK RESET 


If there are persistent network problems with either a client or a server, one "stock" 
response is to try restarting the computer hardware. You can also try restarting just 
the application service. 


Note: As before, do not restart a server without considering the impact on other users. A 
restart is probably only warranted if the problem is widespread. 


In Windows, you can try running the network troubleshooter app to automatically 
diagnose and fix problems. Another option is to reset the network stack on the device. 
In Windows, this will clear any custom adapter configurations and network 
connections, including VPN connections. These will have to be reconfigured after the 
reset. 


In Windows 10, there is a Network reset command on the Settings—Network & 
Internet—Status page. In Windows 7/8, you can use the Network Adapter 
troubleshooter or run the following commands (as administrator): 


ipconfig /flushdns 

netsh int ip reset resetlog.txt 

netsh winsock reset 

Use Device Manager to remove any network adapters. Reboot the computer and allow 
Windows to detect and install the adapter(s) again. Update network settings on all 
adapters to the appropriate configuration. 


netstat 


netstat can be used to investigate open ports and connections on the local host. In 
a troubleshooting context, you can use this tool to verify whether file sharing or email 
ports are open on a server and whether other clients are connecting to them. 


Displaying open connections with netstat. (Screenshot used with permission from Microsoft.) 


The following represent some of the main switches that can be used: 
* -a displays all the connections and listening ports. 
* -b shows the process that has opened the port. 


* -n displays ports and addresses in numerical format. Skipping name resolution 
speeds up each query. 


Linux supports a similar utility with slightly different switches. 
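
To verify from saved netstat output whether a service port is open and which clients are connected to it, the listing can be parsed as below. This is an added example, not part of the course material: the sample is constructed output in the layout of netstat -a -n -o (the -o switch adds the PID column), and parse_netstat and service_status are hypothetical names. Port 445 is used for file sharing (SMB) and port 25 for email (SMTP).

```python
# Constructed sample in the layout of Windows `netstat -a -n -o` (not from the page).
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1120
  TCP    10.1.0.1:445           10.1.0.131:50122       ESTABLISHED     4
  TCP    10.1.0.1:445           10.1.0.132:49870       ESTABLISHED     4
  TCP    10.1.0.1:50310         10.1.0.2:25            ESTABLISHED     2288
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:53             *:*                                    1532
"""


def parse_netstat(text):
    """Turn netstat rows into dictionaries; UDP rows have no State column."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0] not in ("TCP", "UDP"):
            continue  # skip headings and blank lines
        proto, local, remote = parts[:3]
        # rpartition splits on the last colon, so bracketed IPv6 hosts survive.
        lhost, _, lport = local.rpartition(":")
        rhost, _, rport = remote.rpartition(":")
        rows.append({
            "proto": proto,
            "lhost": lhost, "lport": int(lport),
            "rhost": rhost, "rport": rport,
            "state": parts[3] if proto == "TCP" else "",
            "pid": parts[-1],
        })
    return rows


def service_status(rows, port):
    """Is a TCP service listening on `port`, and which clients are connected to it?

    Only rows whose LOCAL port equals `port` count: a row with the port on the
    foreign side is this host acting as a client of some other server.
    """
    local = [r for r in rows if r["proto"] == "TCP" and r["lport"] == port]
    return {
        "listening": any(r["state"] == "LISTENING" for r in local),
        "clients": sorted({r["rhost"] for r in local if r["state"] == "ESTABLISHED"}),
        "pids": sorted({r["pid"] for r in local}),
    }


if __name__ == "__main__":
    rows = parse_netstat(SAMPLE)
    for name, port in (("file sharing", 445), ("email", 25)):
        print(name, port, service_status(rows, port))
```
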


nslookup 


If you identify or suspect a problem with name resolution, you can troubleshoot DNS 
with the nslookup command, either interactively or from the command prompt: 


nslookup -Option Host Server 


Host can be either a host name/FQDN or an IP address. Server is the DNS server to 
query; the default DNS server is used if this argument is omitted. -Option specifies 
an nslookup subcommand. Typically, a subcommand is used to query a particular DNS 
record type. 


For example, the following command queries Google's public DNS servers (8.8.8.8) for 
information about comptia.org's mail records: 


nslookup -type=mx comptia.org 8.8.8.8 


Using nslookup to query the mail server configured for the comptia.org domain name using Google's 
public DNS servers (8.8.8.8). (Screenshot used with permission from Microsoft.) 


If you query a different name server, you can compare the results to those returned by 
your own name server. This might highlight configuration problems. 


Note: The dig utility is often used as a more up-to-date and flexible alternative to 
nslookup. dig allows you to query a name server directly and retrieve any of the 
information known about the domain name. It is helpful in determining if the server is 
running correctly and if the domain record is properly configured. 


Activity 7-7 


Discussing Network Connection Troubleshooting 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. You are trying to add a computer to a wireless network but cannot detect the 
access point. 


What would you suspect the problem to be? 


2. What readings would you expect to gather with a Wi-Fi analyzer? 


3. You have restarted the DHCP server following a network problem. 


What command would you use to refresh the IP configuration on Windows 7 
client workstations? 


4. What command can you use on a Linux computer to report the IP 
configuration? 


5. A single PC on a network cannot connect to the Internet. 


Where would you start troubleshooting? 


6. A computer cannot connect to the network. The machine is configured to obtain a 
TCP/IP configuration automatically. You use ipconfig to determine the IP address 
and it returns 0.0.0.0. 


What does this tell you? 


7. If a host has a firewall configured to block outgoing ICMP traffic, what result 
would you expect from pinging the host (assuming that the path to the host 
is otherwise OK)? 


8. What Windows tool is used to test the end-to-end path between two IP hosts 
on different IP networks? 


9. Which command produces the output shown in this graphic? 


Command output exhibit. (Screenshot used with permission from Microsoft.) 


Activity 7-8 


Troubleshooting Network Connections 


BEFORE YOU BEGIN 


Take a moment to review the VMs available on the virtual network. 


[Figure: network diagram labelled 10.1.0.0/24 and 172.16.0.0/30, showing the VLOCAL 
switch and the VMs PC2 (Windows 7), PC1 (Windows 10), MS1, and DC1.] 

Network environment for troubleshooting network connections. 


SCENARIO 


In this activity, you will run scripts that simulate network connectivity problems. You 
will then use troubleshooting tools and techniques to detect and fix the problems. 


1. Start the VMs to create the network. 
You do not need to open connection windows for the VMs unless you are specifically 
prompted to do so. 
a) If necessary, in Hyper-V Manager, right-click RT1-LOCAL and select Start. 
b) If necessary, right-click DC1 and select Start. 
c) Wait until the DC1 thumbnail shows the logon screen, and then start MS1. 
d) Wait until the MS1 thumbnail shows the logon screen, and then start PC1 and PC2. 
e) Open a connection window for PC1. 
f) Sign on, using the account 515support\Administrator and password Pa$$wOrd 


2. Test that the VMs on the local network can communicate with one another. 
a) On the Windows 10 VM, open a command prompt. 

b) Type ipconfig /all and press Enter. 

c) Examine the details of your IP configuration, and verify that the configuration of the 
Ethernet adapter matches the information shown in the figure at the start of the 
activity. 

d) Run this command: ping 127.0.0.1 
This command verifies that IP is installed correctly by performing a connection test 
with the loopback adapter (essentially pinging the local host). 

e) Run this command: ping 10.1.0.x where x is the value reported by 
ipconfig for the IPv4 address. 
This command checks the IP assigned by DHCP. 

f) Run this command: ping 10.1.0.254 
This command checks the connection to the default gateway. 

g) Run this command: ping DC1 -4 
This command tests name resolution and connectivity with the other hosts on the 
network. The -4 switch forces ping to use IPv4, rather than IPv6. 

h) Run this command: ping MS1 -4 
This command tests name resolution and connectivity with the other hosts on the 
network. The -4 switch forces ping to use IPv4, rather than IPv6. 

i) Run this command: ping PC2 -4 
This command tests name resolution and connectivity with the other hosts on the 
network. The -4 switch forces ping to use IPv4, rather than IPv6. 

j) Leave the command prompt open. 

k) Start a web browser, and open http://updates.corp.515support.com 

l) Open File Explorer, and browse \\DC1\LABFILES. 

m) At the command prompt, run netstat -no 
This command checks the connections that you just established. 

n) Run this command: nslookup -type=SOA corp.515support.com 
This command checks information about how the DNS service is administered. 

o) Switch back to the web browser, select the Settings and more button at the top right, 
and then select Settings. 

p) Select the Choose what to clear button. 
q) Select Always clear this when I close the browser to toggle this setting to On. 
r) Close the browser window. 


3. Run a script to create a problem with the network configuration that you will 
diagnose and correct. 

a) On the PC1 VM computer, activate the Instant Search box, and type 
powershell 

b) Right-click the Windows PowerShell icon and select Run as administrator. 

c) In the UAC prompt box, select Yes. 

d) In the Windows PowerShell window, type c:\labfiles\netprob1 and 
press Enter. 

e) Leave the PowerShell window open. 

f) Repeat the tests you performed in step 2 of this activity to try and identify the 
problem that was introduced. 

g) Think about the problem and how you would fix it. Apply the appropriate fix for 
the problem you discovered. 

h) If you could not resolve the problem, at the PowerShell prompt, run 
c:\labfiles\netprob1-fix to reset the configuration to its original state. 


4. Run another script to introduce another problem to troubleshoot. 

a) At the PowerShell prompt on the PC1 VM, type c:\labfiles\netprob2 
and press Enter. 
b) Leave the PowerShell window open. 
c) Repeat the tests you performed in step 2 of this activity to try and identify the 
problem that was introduced, along with a proposed solution. 

d) Apply the appropriate fix for the problem you discovered. 
e) If you could not resolve the problem, at the PowerShell prompt, run 
c:\labfiles\netprob2-fix to reset the configuration to its original state. 


5. At the end of each activity, you need to close the VMs and discard any changes 
you made. 
a) From the connection window, select Action—Revert. 
b) If you are prompted to confirm, select the Revert button. 


c) On the HOST PC, in the Hyper-V Manager console, right-click each VM that is still 
running and select Revert. At the end of the activity, the state of each VM should be 
listed as Off. 
Topic F 


Install and Configure IoT Devices 


EXAM OBJECTIVES COVERED 
1001-2.3 Given a scenario, install and configure a basic wired/wireless SOHO network. 


1001-2.4 Compare and contrast wireless networking protocols. 


As a CompTIA A+ technician, you should be alert to the need to stay up to date with 
new technologies. The market for home automation systems is expanding all the time, 
and these technologies are also starting to appear in office buildings. In this topic, you 
will learn about the main types of devices and networking standards plus basic 
procedures for setting up a smart hub and connecting devices to it. 


INTERNET OF THINGS 


Wi-Fi dominates wireless networking for devices like computers and laptops. It is also 
supported by smartphones and tablets. Wi-Fi requires quite powerful adapters with 
large antennas, however. Other wireless technologies support communications 
between smaller devices, where low weight, bulk, and power consumption are the 
primary requirements. 


The term Internet of Things (IoT) is used to describe the global network of personal 
devices (such as phones, tablets, and fitness trackers), home appliances, home control 
systems, vehicles, and other items that have been equipped with sensors, software, 
and network connectivity. These features allow these types of objects to communicate 
and pass data between themselves and other traditional systems like computer 
servers. This is often referred to as Machine to Machine (M2M) communication. 


Each “thing” is identified with some form of unique serial number or code embedded 
within its own operating or control system and is able to inter-operate within the 
existing Internet infrastructure either directly or via an intermediary. 


IoT WIRELESS NETWORKING TECHNOLOGIES 


When you work with IoT devices, you might encounter one or more of these network 
connection technologies. 


BLUETOOTH AND BLUETOOTH LOW ENERGY 

Bluetooth uses radio communications and supports speeds of up to 3 Mbps. Adapters 
supporting version 3 or 4 of the standard can achieve faster rates (up to 24 Mbps) 
through the ability to negotiate an 802.11 radio link for large file transfers (BT + HS 
[High Speed]). 

Bluetooth does not require line-of-sight and supports a maximum range of 10 m (30 
feet), though signal strength will be weak at this distance. Many portable devices, such 
as smartphones, tablets, wearable tech, audio speakers, and headphones now use 
Bluetooth connectivity. Bluetooth devices can use a pairing procedure to authenticate 
and exchange data securely. 


Version 4 introduced a Bluetooth Low Energy (BLE) variant of the standard. BLE is 
designed for small battery-powered devices that transmit small amounts of data 
infrequently. A BLE device remains in a low power state until a monitor application 
initiates a connection. BLE is not backwards-compatible with "classic" Bluetooth, 
though a device can support both standards simultaneously. 


Z-Wave 

Z-Wave is a wireless communications protocol used primarily for home automation. It 
was developed in 2001 by Zensys, a Danish company, but with interest and investment 
from other technology and engineering companies such as Cisco, Intel, Panasonic, and 
Danfoss, the Z-Wave Alliance was formed. Z-Wave operates a certification program for 
devices and software. 


Z-Wave creates a mesh network topology, using low-energy radio waves to 
communicate from one appliance to another. Devices can be configured to work as 
repeaters to extend the network but there is a limit of four "hops" between a controller 
device and an endpoint. This allows for wireless control of residential appliances and 
other devices, such as lighting control, security systems, thermostats, windows, locks, 
swimming pools, and garage door openers. Z-Wave has been registered in most 
countries worldwide and uses radio frequencies in the high 800 to low 900 MHz range. 
It is designed to run for long periods (years) on battery power. 


Zigbee 

Zigbee has similar uses to Z-Wave and is an open source competitor technology to it. 
The Zigbee Alliance operates a number of certification programs for its various 
technologies and standards. 


Zigbee uses the 2.4 GHz frequency band. This higher frequency allows more data 
bandwidth at the expense of range compared to Z-Wave and the greater risk of 
interference from other 2.4 GHz radio communications. Zigbee supports more overall 
devices within a single network (65,000 compared to 232 for Z-Wave) and there is no 
hop limit for communication between devices. 


RFID AND NEAR FIELD COMMUNICATIONS (NFC) 


Radio Frequency ID (RFID) is a means of tagging and tracking objects using specially 
encoded tags. When an RFID reader scans a tag, the tag responds with the information 
programmed into it. A tag can either be an unpowered, passive device that only 
responds when scanned at close range (up to about 25 m), or a powered, active device 
with a range of 100 m. Passive RFID tags can be embedded in stickers and labels to 
track parcels and equipment and are used in passive proximity smart cards. 


Near Field Communications (NFC) is a peer-to-peer version of RFID; that is, an NFC 
device can work as both tag and reader to exchange information with other NFC 
devices. NFC normally works at up to 2 inches (6 cm) at data rates of 106, 212, and 424 
Kbps. NFC sensors and functionality are starting to be incorporated into smartphones. 
NFC is mostly used for contactless payment readers, security ID tags, and shop shelf- 
edge labels for stock control. It can also be used to configure other types of connection 
(pairing Bluetooth devices, for instance). 


IoT DEVICE CONFIGURATION 


One of the applications of Internet of Things (IoT) functionality is the use of home 
automation devices, also called a smart home. A smart home essentially means that 
ordinary controls, such as the thermostat or lighting, can be controlled using a simple 
computer interface. The interface could be an app on your smartphone or a voice- 
enabled home automation hub (or both). 


For consistency and the use of a single point-of-control, you ideally need to pick 
devices that are all compatible. There are two main compatibility considerations: 


* That devices all share the same networking protocol, such as Z-Wave or Zigbee. 
* That devices are all compatible with the same virtual assistant or hub. 


ENDPOINT DEVICES 


In home automation, endpoint devices are the things that physically interface with or 
implement the system you are controlling. 


* Thermostat—operate heating and hot water controls and measure the current 
temperature. 

* Light switches/bulbs—turn lights on or off or set to a particular dimmer level or 
color (in the case of smart bulbs). 

* Security cameras—the main function is to record images to cloud storage, but these 
come with a very wide range of features, including intruder alerting/motion 
detection, face recognition, night vision, two-way microphone, zoom, and tracking. 

* Door locks—a smart lock can be operated using voice or a tap and can be set to lock 
automatically if your smartphone is more than a certain distance away. Locks can 
also log events. 


Depending on type, an endpoint device might need to be fitted by a qualified installer, 
such as an electrician or heating engineer. The next step is to register the device with 
some sort of controller. This could either be a smartphone app or some sort of smart 
hub. 


SMARTPHONE CONTROL 


Smartphones can only be used to control a device directly over Wi-Fi, Bluetooth, or 
NFC. There are no smartphones with Z-Wave or Zigbee radios (at the time of writing). 


SMART HUB AND SMART SPEAKER CONTROL 


Devices using Z-Wave or Zigbee can be controlled using a smart hub. Most of the major 
hub vendors support both technologies (as well as Wi-Fi and Bluetooth). You can then 
use a smartphone to operate the devices via the hub. 


Most Z-Wave or Zigbee smart devices will come with their own dedicated hub or 
bridge. A dedicated hub can only usually control devices made by a single vendor. 
Dedicated hubs tend to be fairly limited devices that you can configure via a 
management URL or mobile app. 


It may be possible to replace or supplement use of a dedicated hub with a more 
generic smart speaker/digital assistant-type hub. Examples of smart speaker brands 
include Samsung SmartThings, Amazon Echo, and Google Home™. Note that most of 
the brands include different models with different capabilities. 


To set up a smart speaker, you usually install the product's app on a smartphone or 
tablet then use it to connect to the speaker. Configure the speaker to connect to your 
home Wi-Fi network. You should now be able to start configuring specific settings and 
integration features. 


Integration with a digital assistant depends on the hub model and smart device. As an 
example, Amazon's Alexa digital assistant can be configured with "skill" shortcuts. A 
smart device vendor could create skills to allow Alexa to respond to commands to 
"Alexa, dim the lights" or "Alexa, turn the heating up" by sending appropriate 
commands to the relevant device. 


Note: In most cases, the dedicated hub will have to remain in place. When you issue a 
command to Alexa, Alexa sends a command to the dedicated hub, and the dedicated hub 
sends the command to the device. As smart device ecosystems evolve, the integration 
between devices and hubs is likely to become tighter. Another option is the Wink Hub 
(wink.com/products/wink-hub), which is specifically designed to act as a smart home 
systems integrator. The web platform If This Then That (ifttt.com) represents another 
means of integrating diverse technologies. 


When you connect a new smart device, you can use the hub to scan for it. The device 
will be allocated a node ID to register it on the network operated by the hub. If you 
have to register a number of similar devices, it is best to do so one-by-one, so that you 
can give them meaningful names. If you connect multiple devices of the same type at 
the same time, it can be tricky to distinguish them in the hub management app. If you 
have to do things this way, look for a unique serial number or code printed on the 
device. That value might be reported to the hub as a device property. 


Note: The node ID is assigned by the network controller rather than coded into the 
device. Zigbee devices have burned-in MAC addresses but Z-Wave devices do not. 


DIGITAL ASSISTANTS 


A digital assistant (or virtual assistant) is a voice interface designed to respond to 
natural language commands and queries. Most smartphones and computers now 
support a voice assistant and they are also implemented on smart speaker hubs. The 
voice interface transfers requests for processing by a backend server, reducing 
processing demands on the device but raising privacy and security concerns. 

The market is dominated by the major smartphone OS and smart hub vendors. Each 
voice assistant can be configured to respond to a wake word. 

* Google Assistant™—"OK Google." 

* Amazon Alexa—"Alexa." 

* Apple® Siri®—"Hey Siri." 

* Microsoft Cortana®—"Hey Cortana" or just "Cortana" (Microsoft is dropping the 
"Hey" requirement at the time of writing). 

There are obviously considerable difficulties in providing a natural language interface 
that can cope with the diversity of languages, accents, and speaking styles used by 
people around the world. As vendors gather more voice data, however, they can make 
the assistants more accurate and more capable of providing a useful, individualized 
service. 

To use a voice-based virtual assistant, the feature may first need to be enabled and 
then trained by completing a setup wizard to configure the assistant to recognize the 
user's voice. 
Activity 7-9 


Discussing IoT Devices 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What type of network topology is used by protocols such as Zigbee and Z- 
Wave? 


2. What types of home automation device might require specialist installer 
training? 


3. What are the two main options for operating smart devices? 


4. True or false? Voice processing by a smart speaker is performed internally so 
these devices can be used without an Internet connection. 
Activity 7-10 


Configuring IoT Devices 


BEFORE YOU BEGIN 


In addition to the actual IoT equipment, you will need a wireless network with an 
Internet connection and a computer with a wireless adapter to perform this activity. 


SCENARIO 

Depending on the equipment available, you might watch as your instructor sets up 
some home automation devices, or you might assist in setting them up yourself. This 
suggested activity requires an Echo Dot smart speaker, a Philips smart bulb kit, and 
one or more lamps. 


You will configure the smart speaker so that it can respond to your voice queries. Then 
you will install the smart bulbs and configure the smart speaker to operate them. 


1. Configure the smart speaker hub. The specific steps provided here are for 
configuring an Amazon Echo Dot smart speaker. 


a) Connect the smart speaker to the power supply. 

b) Unless you are instructed otherwise, reset it to factory settings. For example, with an 
Echo Dot, press and hold the Microphone off and Volume down buttons until the 
LED turns orange. 

c) Open https://alexa.amazon.com. 

d) If you do not already have an Amazon account, create one, and then sign in. 

e) If you are prompted to accept terms and conditions, select Continue. 

f) Select the model of smart speaker you are configuring. 

g) When you are prompted to connect your computer, use the network status icon (on 
the Windows taskbar) to connect to the Amazon-XXX wireless network, making sure 
to check the Connect automatically box. 




Connect to the built-in Echo access point when prompted to continue with setup. 
h) Switch back to the browser setup app. 
You should see a prompt to connect the smart hub to your own wireless network. 




Join the smart hub to your own wireless network. 


i) Select the appropriate wireless network to join the smart hub to (it must have an 
Internet connection). 


j) Enter the PSK for the network. 

k) Uncheck the Save password to Amazon box. 

l) Select Connect. 

m) Select Use built-in speaker. 
Alexa should now be available to respond to your queries, though possibly not able to 
answer complex ones such as: 


Alexa, how do I configure smart bulbs? 


2. Use a Philips Hue account to set up the smart bulbs and bridge. 


The detailed steps are for a Philips Hue smart bulb kit (with bridge). Philips smart bulbs use 
Zigbee wireless networking. This means that you must install a Zigbee-capable hub to 
facilitate a connection to the Echo Dot smart speaker or allow control via a smartphone or 
computer with Wi-Fi. The hub must be connected to the cabled network (it does not 
support Wi-Fi itself). 

a) Connect the smart bulbs to lamps and switch them on. 

b) Connect the Hue bridge to the power supply. 


c) Unless you are instructed otherwise, reset it to factory settings, by using the button 
on the bottom of the device. 


d) Connect the Hue Bridge to a LAN port on the router/modem, or if you are using a 
standalone access point, connect it to a switch port on the same network. 


e) In the Alexa web app, select Skills. 
f) Search for the Hue skill by Philips Hue. 
g) Select the Enable button. 




Installing the "skill" to use to control devices of a specific type. 


h) When the separate browser window opens to https://account.meethue.com/login, 
either sign in or create an account and sign in. 

i) When you are prompted, press the button on the Hue Bridge to allow the app to 
manage the bridge. 

j) In the web app, select Continue. 

k) When you are prompted, select Yes to trust Alexa. 

l) Close the MeetHue browser tab. 

m) In the Alexa app browser tab, select Discover Devices. 
The device list should be populated with the smart bulbs (their names may vary). 
Note that "All lights" is treated as an independent device. This allows you to configure 
actions that operate on each light at the same time—"Alexa, turn off all lights" for 
example. 




Smart bulb devices detected by Alexa via the bridge. 
n) If necessary, refresh the view by selecting Smart Home—Devices. 
o) When the bulbs are listed, you will be able to control the lamps with voice commands 
such as the following: 


Alexa, turn off hue color lamp one. 


Alexa, dim hue color lamp two. 


Alexa, make hue color lamp two blue. 


3. Optionally, if you have time, explore other options for configuring the smart 
bulbs. 


Philips provides a management app only for Android and iOS. You can use a third-party 
app such as Huetro for Hue from Windows. 


Summary 


In this lesson, you configured and performed troubleshooting on SOHO and other 
networks. Ensuring consistent access to network resources is often an integral part of 
an A+ technician's day-to-day duties. 


What experiences do you have in working with the networking technologies 
discussed in this lesson? 


Do you have any experience working with SOHO networks? What do you expect 
to support in future job functions? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 
Lesson 8 


Supporting and Troubleshooting Laptops 


LESSON INTRODUCTION 


As a CompTIA® A+® technician, you will require a robust knowledge of portable computing 
principles. In this lesson, the focus will be on laptops and how they differ from desktop systems in 
terms of features, upgrade/repair procedures, and troubleshooting. 


LESSON OBJECTIVES 


In this lesson, you will: 
* Use laptop features. 
* Install and configure laptop hardware. 


* Troubleshoot common laptop issues. 
Topic A 


Use Laptop Features 


EXAM OBJECTIVES COVERED 
1001-1.3 Given a scenario, use appropriate laptop features. 
1001-3.1 Explain basic cable types, features, and their purposes. 


1001-3.9 Given a scenario, install and configure common devices. 


One of the most prevalent mobile devices in today's workplaces has to be the laptop 
computer. As a CompTIA A+ technician, you will be asked to select and configure 
laptops for different business and leisure uses. In this topic, you will focus on features 
that distinguish different laptop models and laptops from desktop computers. 


LAPTOPS 


A laptop is a complete portable computer system. Laptops have specialized hardware 
designed especially for use in a portable chassis and can run on battery or AC power. 
Laptops use the same sort of operating systems as desktop PCs, however, and have 
many upgradeable or replaceable components. 


Distinctive features of a laptop computer, including the built-in screen, integrated keyboard, touchpad 
pointer control, and I/O ports (on both sides and rear of chassis). (Image © 123RF.com.) 


Like desktops, laptops come in many different models and specifications. You could 
broadly categorize laptops as follows: 
* Entry Level/Budget—basic model (often with home or business versions) featuring 
average components and a trade-off between features and portability. 

* Ultraportable—very small and light machines offering extended operating time on 
battery power. The trade-off here is smaller screen size, lower capacity drives, and 
fewer peripherals. 

* Desktop Replacement—a powerful machine with similar performance, capacity, 
and peripherals to a desktop PC. The trade-off is that these machines are less 
portable and less able to run for long on battery power. 

* Media Center—portable home entertainment systems, featuring large screens, 
storage capacity, media features (such as TV tuner, video recording, and surround 
sound), and components capable of running the latest games. 

* Gaming Laptop—an increasingly popular class of machine. ATI and NVIDIA are 
producing more graphics adapters designed for laptops, though they cannot quite 
match the power of desktops built for gaming. 


Although laptops can use peripheral devices, the basic input and output devices are 
provided as integrated components. 


TOUCHPADS 


Almost all laptops use touchpads as the primary pointing device. Moving a finger over 
the touch-sensitive pad moves the cursor and tapping it issues a click. Touchpads also 
come with buttons and scroll areas to replicate the function of a mouse's scroll wheel. 
Most touchpads now support multi-touch or using gestures, such as a pinch to zoom 
the display. 
The Mouse applet in Control Panel allows you to configure both mice and touchpads—installing the 
vendor's driver makes extra configuration settings available. 


In Windows®, the touchpad can be configured using the Mouse applet in Control Panel. 
Installing the manufacturer's driver will make the device-specific options available, 
such as configuring scroll areas or gesture support. 

Note: When you are using a touchpad, it is easy to brush the pad accidentally and for 
this to be interpreted as a click event. If this happens a lot, adjust the sensitivity setting or 
completely disable the Tap to click functionality. 


KEYBOARDS 


Apart from being flatter and more compact, a laptop keyboard is similar to a desktop 
keyboard. The main difference is that the Function (Fn) keys operate by using the Fn key with 
the top row of numerals. 


Note: Actually, many desktop keyboards also include function keys to support use as an 
external keyboard for a laptop. If not being used with a laptop, these keys can be 
mapped to perform different functions. 


A laptop keyboard with function and media control keys across the top. 


These Function (Fn) keys perform laptop-specific functions indicated by distinctive 
icons. Typical functions include: 


* Display—toggle the video feed between the built-in laptop display, the built-in 
display and an external monitor (dual display), and an external monitor only. 

* Screen orientation—some tablet/laptop hybrids have rotatable screens while 
others can be used in tablet mode and can switch the screen orientation 
automatically between portrait and landscape modes depending on how the device 
is being held. A screen orientation function key will allow you to choose whether to 
lock the screen in one orientation. 

* Wireless/Bluetooth/Cellular/GPS—toggle the radio for Wi-Fi, Bluetooth®, cellular 
data, and/or Global Positioning System (GPS) on and off. Each of these settings 
might be separately configurable or be selectively disabled via different toggle 
states and indicators. There is often an airplane mode toggle to completely disable 
all wireless functions. 

* Volume—adjust the sound up, down, or off (mute). 

* Screen brightness—dim or brighten the built-in display. 

* Keyboard backlight—illuminate the keys (useful for typing in low light). 

* Touchpad—sometimes the touchpad can interfere with typing, causing the cursor 
to jump around. A touchpad toggle allows you to enable or disable it as required. 

* Media options—this allows control over audio and video playback, such as stop, 
pause, fast forward, and rewind controls, or skipping between tracks. 


Depending on the size of the chassis, a laptop keyboard may not support a numeric 
keypad. In this case, some of the ordinary keys may function as a keypad in 
conjunction with NumLock or the Fn key. 


Note: One issue to watch out for in laptop keyboards and chassis designs is flex, where 
the board buckles slightly when keys are pressed. None of the input devices on a laptop 
are really suitable for sustained use. An external keyboard and/or mouse can of course 
be connected using a USB or wireless port. 


CONFIGURATION OF KEYBOARD SETTINGS 

In Windows, you use the Keyboard applet in Control Panel or Windows Settings to 
configure options such as the repeat rate and sensitivity for keys. The vendor driver 
may make additional settings available for configuring function keys. 


Logitech SetPoint software for configuring programmable keys and hot keys. 


DISPLAYS AND TOUCHSCREENS 


Most modern laptop displays are also touchscreens of one kind or another. Some can 
be used with a stylus as well as (or instead of) finger touch. 


Another important point to note about the laptop display screen is that it holds the 
antenna wires for the Wi-Fi adapter. These are connected to the adapter via internal 
wiring. 


ROTATING OR REMOVABLE SCREENS 


Some laptops are based on tablet hybrid form factors where the touchscreen display 
can be fully flipped or rotated between portrait and landscape orientations. Another 
approach, used on Microsoft's Surface® tablets, is for the keyboard portion of the 
laptop to be detachable and for the screen to work independently as a tablet. 


Note: In Windows 10, tablet mode for the Start Screen is selected automatically (by 
default) on hybrid devices. For example, removing the keyboard from a Microsoft Surface 
tablet or folding the screen of an HP X360 device over through 360 degrees puts Windows 
10 into tablet mode. You can use Windows 10 settings to manually select tablet mode 
and to configure these automatic behaviors. 

TOUCHSCREEN CONFIGURATION 


In Windows, touchscreen options are configured using the Tablet PC Settings and Pen 
and Touch applets. 


Use the Tablet PC Control Panel applet to set up or calibrate a touchscreen. (Screenshot used with 
permission from Microsoft.) 


You can use Tablet PC Settings to calibrate the display and set options for orientation 
and left- or right-handed use, and you can use Pen and Touch to configure gesture 
settings, such as using tap-and-hold to trigger a right-mouse click event. 


EXPANSION OPTIONS 


Laptops ship with standard wired ports for connectivity. The ports are usually arranged 
on the left and right edges. Older laptops might have ports at the back of the chassis. 
There will be at least one video port for an external display device, typically HDMI or 
DisplayPort/Thunderbolt, but possibly VGA or DVI on older laptops. There will also be a 
number of USB Type A ports and one or more USB Type C ports on a modern laptop, 
one of which may also function as a Thunderbolt port. 


Other standard ports include microphone and speaker jacks and RJ-45 (Ethernet) for 
networking. Finally, a laptop might come with a memory card reader. 


USB provides a simple means of adding or upgrading an adapter without having to 
open the laptop chassis. USB adapters (or "dongles") can provide a wide range of 
functionality: 


* USB to RJ-45—provides an Ethernet port for a laptop or mobile device. Ultrathin
laptops often omit a built-in RJ-45 port as it is too tall to fit in the chassis.


USB to Ethernet adapter. (Image © 123RF.com.) 

* USB to Wi-Fi/Bluetooth—this might be used to upgrade to a better Wi-Fi standard 
than the laptop's built-in adapter. Most dongles will also function as a Bluetooth 
adapter. Some Wi-Fi dongles are compact but those lacking large antennas may not 
perform well; the drawback of large antennas is, of course, that they protrude 
significantly. 

* USB Optical Drive—most ultraportable laptops no longer feature optical drives as
they cannot fit within the ultrathin chassis. 


PORT REPLICATORS 


A port replicator usually attaches to a special connector on the back or underside of a 
portable computer. It provides a full complement of ports for devices such as 
keyboards, monitors, mice, and network connections. A replicator does not normally 
add any other functionality to the portable computer. 




A port replicator. (Image by Elnur Amikishiyev © 123RF.com.) 


DOCKING STATIONS 


A docking station is a sophisticated port replicator that may support add-in cards or 
drives via a media bay. When docked, a portable computer can function like a desktop 
machine or use additional features, such as a full size expansion card. 


A laptop docking station. (Image by Luca Lorenzelli © 123RF.com.)


Note: Most port replicators and docking stations use proprietary connectors. There are 
USB versions but their performance can be a bit erratic. 


PHYSICAL LOCKS 

Being so portable makes laptops easy devices to steal. Many cable locks are available 
to chain the laptop to a desk. These are typically either key or combination operated. If 
key operated, make sure you record the key code in case you need to get a 
replacement. 


Kensington laptop locks. (Image by © 123RF.com.) 


Most laptops come with a connection point for a Kensington lock in the chassis. 


Activity 8-1


Discussing Laptop Features 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What feature would you expect to find on a modern touchpad, compared to 
older models? 


2. True or false? Touchpad settings would be configured via the Touch applet in 
Windows Control Panel. 


3. What two display settings would you expect to be able to control via a 
laptop's Fn keys? 


4. What device would you use to extend the functionality of a laptop while 
sitting at a desk? 


5. What connectivity issue is resolved by providing a USB-to-RJ-45 dongle? 


6. What is the brand name of the standard cable lock security system for 
laptops? 


Topic B


Install and Configure Laptop Hardware 


EXAM OBJECTIVES COVERED 
1001-1.1 Given a scenario, install and configure laptop hardware and components.


1001-1.2 Given a scenario, install components within the display of a laptop. 
1001-5.5 Given a scenario, troubleshoot common mobile device issues while adhering to 
the appropriate procedures. 


There will be situations where dealing with external components won't completely 
address the issues or problems a user is having with his or her laptop. You will need to 
be able to install and configure internal laptop hardware components. 


LAPTOP DISASSEMBLY PROCESSES 


When it comes to performing upgrades or replacing parts, there are some issues 
specific to laptops that you should be aware of. 


Note: Only open a laptop to access internal components if it is no longer under warranty 
or if you are an authorized technician for the laptop brand. 


HAND TOOLS AND PARTS 


Laptops use smaller screws than are found on desktops. You may find it useful to
obtain a set of jeweler's screwdrivers and other appropriate hand tools. It is also much
easier to strip the screws (that is, to wear away the notch for the screwdriver), so take
care and use an appropriately sized screwdriver!


You need to document the location of screws of a specific size and the location and 
orientation of ribbon cables and other connectors. It can be very easy to remove them 
quickly during disassembly and then to face a puzzle during reassembly. 


Note: A useful tip is to take a photo of the underside of the laptop and print it out. As you
remove screws, tape them to the relevant point in your picture. This ensures you will not
lose any and will know which screw goes where. Photograph each stage of disassembly
so you know where to re-fit cables and connectors.


As with a desktop, organize parts that you remove or have ready for installation 
carefully. Keep the parts away from your main work area so that you do not damage 
them by mistake. Keep static-sensitive parts, such as the CPU, memory, and adapter 
cards, in anti-static packaging. 


FORM FACTORS AND PLASTICS/FRAMES 


Many laptops are built using proprietary components and scope for customization and 
upgrade is fairly limited. However, as laptops have become cheaper and more popular, 
there are more vendors offering "bare bones" laptops and compatible components. 


The laptop chassis incorporates the motherboard, power supply, display screen, 
keypad, and touchpad. The plastics or aluminum frames are the hard surfaces that 
cover the internal components of the laptop. They are secured using either small 
screws or pressure tabs. Note that screws may be covered by rubber or plastic tabs. 


Make sure you obtain the manufacturer's service documentation before commencing 
any upgrade or replacement work. This should explain how to disassemble the chassis 
and remove tricky items, such as plastic bezels, without damaging them. You should
only perform this work if a warranty option is not available. 


LAPTOP FRUs 


Laptops have fewer field replaceable units (FRUs) than desktops. That said, laptop 
components and designs have become better standardized. Using components 
sourced from the laptop vendor is still recommended, but basic upgrade options, such 
as memory and disks, have become much simpler as it reduces warranty support costs 
for the vendors. 


Some FRUs can be accessed easily by removing a screw plate on the back cover 
(underside) of the laptop. This method generally provides access to the disk drive, 
optical drive, memory modules, and possibly Mini PCIe adapters such as Wi-Fi cards
and modems. The connectors can usually be flipped up and down to allow easy 
insertion and removal. 


MASS STORAGE FOR LAPTOPS 
Laptops use the same kind of mass storage devices as PCs: 


* Hard Disk Drive (HDD)—magnetic disk technology offering low cost per gigabyte 
storage. 

* Solid State Drive (SSD)—flash memory technology offering much faster 
performance and less weight and power consumption. SSDs are now the 
mainstream choice for laptops. 

* Hybrid—an HDD with a large (8 GB+) cache of flash memory, offering a
performance boost compared to basic HDDs. 


A laptop typically supports one internal mass storage device only, with extra storage 
attached to an external port. The internal drive can usually be accessed via a panel, but 
you may have to open the chassis on some models. 


Laptop mass storage drives are usually 2.5" form factor though sometimes the 1.8" 
form factor is used. Compared to 3.5" desktop versions, magnetic 2.5" HDDs tend to be 
slower (usually 5400 rpm models) and lower capacity. Within the 2.5" form factor, there
are also reduced height units designed for ultraportable laptops. A standard 2.5" drive
has a z-height of 9.5 mm; an ultraportable laptop might require a 7 mm (thin) or 5 mm
(ultrathin) drive. 


A laptop HDD with SATA interface. (Image © 123RF.com.) 


Magnetic and hybrid drives use ordinary SATA data and power connectors, though the 
connectors on the drive mate directly to a port in the drive bay, without the use of a 
cable. 1.8" drive bays might require the use of the Micro SATA (μSATA or uSATA)
connector.


SSD flash storage devices can also use the SATA interface and connector form factors
but could also use an adapter or memory card-like interface: 


* mSATA—an SSD might be housed on a card with a Mini-SATA (mSATA) interface.
These cards resemble Mini PCIe cards but are not physically compatible with Mini
PCIe slots. mSATA uses the SATA bus, so the maximum transfer speed is 6 Gbps.

* M.2—this is a new set of form factors for mini card interfaces. An M.2 SSD usually
interfaces with the PCI Express bus, allowing much higher bus speeds than SATA.
M.2 adapters can be different lengths (42 mm, 60 mm, 80 mm, or 110 mm) so you
should check that any given adapter will fit within the laptop chassis. 80 mm (M.2
2280) is the most popular length for laptop SSDs.


Note: The specific M.2 form factor is written as 22nn, where nn is the length and "22"
refers to the card width (all cards are 22 mm wide).


LAPTOP RAM 


Laptop DDR SDRAM is packaged in small modules called Small Outline DIMM 
(SODIMM). Both DDR and DDR2 use 200-pin packages, but the key position for DDR2 is 
slightly different to prevent insertion in a slot designed for DDR. DDR3 uses a 204-pin 
SODIMM module whereas DDR4 modules have 260 pins. 


Laptop RAM. 


The memory is typically fitted into slots that pop-up at a 45° angle to allow the chips to 
be inserted or removed. Sometimes one of the memory slots is easily accessible via a 
panel but another requires more extensive disassembly of the chassis to access. 


Note: There are a couple of other laptop memory module form factors, including
Mini-DIMM and Micro-DIMM. These are smaller than SODIMM and used on some
ultraportable models. Always check the vendor documentation before obtaining parts for
upgrade or replacement.


ADAPTER CARDS FOR LAPTOPS 


Depending on the design, adapters for modems, wireless cards, and SSD storage cards 
may be accessible and replaceable via screw-down panels. Note that there are a 
number of adapter formats, notably Mini PCIe, mSATA, and M.2, none of which are
compatible with one another. 


You can obtain "wireless" Mini PCIe or M.2 adapters for laptops that will provide some
combination of Wi-Fi, Bluetooth, and/or cellular data (4G LTE) connectivity. Remember 
that when upgrading this type of adapter, you need to re-connect the antenna wires 
used by the old adapter or install a new antenna kit. The antenna wires are usually 
routed around the screen in the laptop's lid. The antenna connections can be tricky 
and are quite delicate, so take care. 


If installing an adapter with cellular functionality, remember to insert the SIM as well. 


OPTICAL DRIVES FOR LAPTOPS 


Laptops use slimline optical drive units. The unit is typically accessible from the bottom 
panel. As with a hard drive, the unit mates with a fixed SATA data and power connector 
at the back of the drive bay. You will typically need to replace the device with the same 
Original Equipment Manufacturer (OEM) part, or at least the same caddy design. 


Note: Optical drives are of decreasing relevance to mobile computing. It is more cost- 
effective to use an external drive as a replacement. You might want to consider replacing 
an optical drive with a second hard drive. The hard drive must be fitted to a caddy that 
fits the optical drive bay. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Upgrade Laptop System Components. 




LAPTOP CPU AND MOTHERBOARD UPGRADES 


The CPU is generally upgradeable as long as the new device is supported by the 
motherboard. 


Note: Some laptop CPUs—those that use Ball Grid Array (BGA) sockets—are soldered to 
the motherboard and, therefore, are not upgradeable. 


The CPU is covered by a heatpipe, rather than a heat sink. This is a long, flat metal strip 
that conducts heat toward the fan. Otherwise, it is locked into place in much the same 
way as a desktop CPU. 


There will be few occasions when it is economical to replace the system board itself. If 
you do need to do so, detach the stand-offs that hold the board to the chassis. If 
upgrading the system board, you will probably also need to update the chipset driver 
(or notebook system software) and allow Windows to discover the new device using
Plug-and-Play. 


LAPTOP VIDEO CARD UPGRADES 


Laptops often use an integrated graphics adapter that is part of the system chipset or 
CPU, especially at the lower end of the market. Integrated graphics can be 
advantageous in terms of battery life and cooling. However, as laptops get used more 
and more as desktop replacements, particularly as game machines, dedicated graphics 
becomes important. Cheaper graphics adapters may also feature a limited amount of 
onboard memory (or none at all). In this scenario, they share system memory with the 
CPU. Obviously, this decreases the amount of system memory available. 


Few laptop video cards are actually upgradeable, though they may be replaceable. This 
is because high-end cards tend to have specific power and cooling requirements and a 
modular approach is not possible given the limited space available. 


LAPTOP COMPONENT REPLACEMENT 


There are other components that you may need to replace to effect repairs. In most 
cases, you will need to source "like-for-like" replacements to ensure the proper fit. 


LAPTOP DISPLAY AND DIGITIZER REPLACEMENT 
A built-in laptop display will be one of three types: 


* LCD (TFT) with fluorescent backlight—this has been the standard display technology 
for the last few years. The backlight is a fluorescent bulb that illuminates the image, 
making it bright and clear. An inverter supplies the correct AC voltage to the 
backlight from the laptop's DC power circuits. 

* LCD with LED backlight—manufacturers are increasingly switching to this 
technology. LED backlights do not require an inverter. 

* OLED—this technology is expensive at the screen size required by laptops and there 
are issues with power draw and battery life. Consequently, OLED has not really 
established itself as a mainstream choice for laptop displays. 


When a laptop has a touchscreen display, it will also have a digitizer fitted. The 
digitizer is sandwiched between a layer of glass and the LCD display. Analog signals are 
created when you tap or swipe the surface of the display. The digitizer is connected to 
the laptop with a flexible digitizer cable. A grid of sensors is activated when you tap or 
swipe the screen. The information from the sensors is sent through the digitizer cable 
to a circuit that converts the analog signal to a digital signal. 


If you need to replace a display, digitizer, or inverter, make a very careful record of how 
the existing unit is connected to the video card and system board, including the routing 
of any cables. 


Note: Replacing these components is relatively tricky and upgrading them can be even
more complex. Make sure you get specific information or advice for the model of laptop
you are servicing.


LAPTOP SPEAKER REPLACEMENT 


To replace laptop speakers, you will need to disassemble the laptop to the system 
board. Make sure you obtain replacement speakers that are compatible with your 
laptop model. Remove the old speakers and fit the new ones, remembering to connect 
the audio cable. 


LAPTOP INPUT DEVICE REPLACEMENT


Laptop input devices include keyboards, touchpads, webcams, microphones, and 
smart card readers. 


KEYBOARDS AND TOUCHPADS 

When you are replacing components like the keyboard and touchpad, you will almost 
always need to use the same parts. Each part connects to the motherboard via a data 
cable, typically a flat ribbon type. Accessing the parts for removal and replacement 
might require complete disassembly or might be relatively straightforward—check the 
service documentation. 


Note: If you are upgrading the keyboard or touchpad (rather than replacing the same
part), you may need to install a new driver and configure settings via the Mouse and
Keyboard applets.


WEBCAMS AND MICROPHONES 


Almost all laptops come with built-in webcams and microphones. The webcam is 
normally positioned at the top of the display with an LED to show whether it is active. 


Note: Laptop users are understandably worried about the privacy implications of built-in
webcams. If the laptop is infected with malware, it is usually possible for the malware to
enable the webcam without activating the LED.


The microphone will be positioned somewhere on the laptop chassis. There will also 
be microphone and speaker 3.5 mm jacks for the connection of a headset or external 
speakers. 


SMART CARD READERS 

A smart card reader is a feature of enterprise laptops supporting authentication using 
digital smart cards. You will typically need to replace this with the same OEM part. The 
laptop will probably need to be completely disassembled to access the device. It is 
connected to the system board by a data cable. 


LAPTOP POWER SUPPLIES 


Portable computers can work off both building power and battery operation. 


AC ADAPTERS 

To operate from building power, the laptop needs a power supply that can convert 
from the AC (Alternating Current) supplied by the power company to the DC (Direct 
Current) voltages used by the laptop's components. The power supply is provided as 
an external AC adapter. 


AC adapters are normally universal (or auto-switching) and can operate from any 
110-240 VAC 50/60 Hz supply (check the label to confirm). Some adapters (notably 
some sold with US machines) are fixed-input (for instance, they only work with a 115 
VAC supply or have to be manually switched to the correct input). 


An AC adapter for an HP laptop. (Image by Olga Popova © 123RF.com.)


Note: Plugging a fixed-input 240 V adapter into a 110 V supply won't cause any damage 
(though the laptop won't work), but plugging a fixed-input 110 V adapter into a 240 V 
supply will. 


Note: When you are using a laptop abroad, in addition to a universal AC adapter, you
will also need a power plug adapter to fit the type of socket used in that country. It is also
best to get a surge protector designed for the voltage used in the country too. This helps
to protect the laptop from damage.

AC adapters are also rated for their power output (ranging from around 65-120 W). 
Again, this information will be printed on the adapter label. Output (W) is calculated by 
multiplying voltage (V) by current (I). A larger output will be able to power more 
peripheral devices. 


The power output of adapters and batteries can vary, so using an adapter designed for 
an ultra-mobile model probably won't work with a desktop replacement, even if it's the 
same brand. A 90 W adapter should be sufficient for most uses, but always check the 
documentation carefully. If you need to replace the power supply, it is best to get the 
manufacturer's recommended model, though universal AC adapters are available. 
These typically ship with a number of DC power connectors, which vary quite widely in 
size. They also have variable voltage settings. You must set the voltage correctly before
plugging it in.


Note: Most laptops will display a message at boot time if an underpowered AC adapter 
or battery is present. 


DC JACK REPLACEMENT 

It is relatively common for the DC jack to fail. The port can become loose over time or 
the jack itself can become separated from the motherboard. Replacing a DC jack 
means disassembling the laptop, de-soldering and removing the old jack, then 
soldering the new jack into place. Most laptop DC jacks are specific to the 
manufacturer and even the laptop model. 


Replacement DC jack—the part is soldered to the motherboard via the contact pin seen on the right.
(Image by Sergey Kolesnikov © 123RF.com.) 


BATTERY POWER 

Laptop computers use removable, rechargeable Lithium ion (Li-ion) battery packs. Li- 
ion batteries have good storage capacity and hold their charge well. They are typically 
available in 6, 9, or 12 cell versions, with more cells providing for a longer charge. 


Before inserting or removing the battery pack, you must always turn the machine off 
and unplug it from the AC wall outlet. A portable battery is usually removed by 
releasing catches on the back or underside of the laptop. 


A removable laptop battery pack. (Image by cristi180884 © 123RF.com.) 


A portable computer's battery can be charged in three ways: 


* Plug the computer into an AC wall outlet with the computer turned off. This method 
is called a quick charge. It takes a couple of hours to fully charge a flat battery. 

* Charge the battery while the computer is plugged into an AC wall outlet and turned 
on. This method is called a trickle charge. Trickle charging is slower because the 
primary use of power is for operating the PC, rather than for charging the battery. It 
can take several hours to charge a battery while the machine is turned on. 

* Use a battery charger. This method charges the battery while it is not in the
computer, but involves purchasing an extra charging unit. 


To maximize battery life, different battery types require different charging regimes. 
Always consult the manufacturer's instructions for obtaining optimal battery life for a 
specific product. Modern Li-ion batteries should not be allowed to fully discharge, as
this reduces battery life. They benefit from regular charging and have circuitry to
prevent over-charging. However, some degree of caution should be exercised when 
leaving batteries to recharge unattended (for example, overnight) as this circuitry has 
been known to fail. Do not leave a battery charger close to flammable material and 
ensure there is plenty of ventilation around the unit. 


Li-ion batteries are also sensitive to heat. If storing a Li-ion battery, reduce the charge 
to 40% and store at below 20° C. 


Note: Li-ion batteries hold less charge as they age and typically have a maximum usable
life of around 2-3 years. If you charge a battery and the run time is substantially
decreased, you may need to purchase a new battery.


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Activity 8-2


Discussing Laptop Hardware 
Installation and Configuration 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What is the process for installing memory in a laptop? 


2. What type of standard adapter card might be used to connect internal FRU 
devices to the motherboard of a laptop? 


3. What distinguishes a magnetic hard drive designed for a laptop from one 
designed for a PC? 


4. A user reports that when they plug in anything to a USB port on the laptop, the
device is not recognized by the system. 


Is this something you can easily repair? 


5. Several laptops need to be replaced in the next fiscal cycle, but that doesn't begin
for several months. You want to improve functionality as much as possible by
upgrading or replacing components in some of the laptops that are having
problems.


Which items are most easily replaced in a laptop? 


Activity 8-3


Installing and Configuring Laptop 
Hardware 


BEFORE YOU BEGIN 
Read the following notes carefully before you start: 


* Create a clean work environment with plenty of working space.

* Gather all necessary tools and equipment. A notepad and pen will be useful for 
making diagrams and notes. 

* Implement anti-static and safety procedures. 

* Make sure that the laptop is powered off and disconnected from building and
battery power before proceeding. 

* Always take time and care. 

* Always place static-sensitive equipment such as processors and memory in anti- 
static bags. 


SCENARIO 


In the first part of the activity, you will disassemble a laptop using these steps as your 
guidelines. Check with your instructor for any extra instructions. Your instructor may 
not want you to completely disassemble the laptop due to the risk of breaking plastics, 
etc. If so, make a note now of which step you are to stop at. 


In the second part of the activity, you will reassemble a laptop, working from the notes 
made by your partner. 


1. Shut down Windows and turn off your laptop. 


2. Disconnect all peripherals (keyboard, mouse, and monitor), removable storage 
(media bay or memory card), and power cables from the system unit. Place these 
in a tidy manner under your workbench (or wherever your instructor tells you to). 


3. Remove the laptop battery and store it safely. Hold down the laptop power button 
for 30 seconds. 


4. With the lid shut, flip the laptop and use your notepad and pen to make a diagram 
of the existing layout of cut-out panels and drives, plus their screw locations. 


Some screws may be covered by caps or rubber feet. 


5. Remove each cut-out and its component, making a careful note of how to 
reconnect any wires and cables attached to adapter cards. Carefully put each 
component in an anti-static bag and the screws in a container, using a system to 
identify which screw is used at any given location. 


6. If you are continuing from here, release the screws that secure the chassis and
the plastics (palm rest and touchpad assembly). Carefully put the screws in a
container, using a system to identify which screw is used at any given location.


7. Flip the laptop over again, and open the lid. Remove the plastic bezel at the top of
the keyboard. This might be difficult but take care not to snap it. When lifting the
bezel, take care to discover whether any cables are connected to it. If there are,
unplug them and make a note of how they should be re-attached.


8. Remove the keyboard by releasing the screws that secure it, then unplugging the
ribbon cable. Record how the cable should be reattached, then store the
components.


9. Disconnect the LCD cable and LCD power connector connecting the display to the
motherboard. There is also likely to be a cable connecting the radio antenna
(running around the screen) to the wireless adapter. Again, make a careful note of
how to reconnect these components.


10. Remove the LCD panel, taking care to handle and store it safely, as it is fragile.


11. Locate any remaining cables preventing disassembly of the top panel (touchpad,
audio connectors, and power button, for instance) taking care to note how they
should be reconnected.


12. Remove any internal drive cages or heat pipes covering the components you want
to inspect. As with a desktop, make a careful note of how fan power connectors
are attached.


Note: This concludes the first part of the activity.


13. When you and your partner have completed the first part of the activity, swap
places and completely reassemble your partner's laptop. Allow them to access
any notes and diagrams you have made, and tell them of any particular difficulties
you had during disassembly.


14. Reboot the laptop that you just reassembled. If it does not reboot, or if there are
errors when you try to resolve the problem, ask your instructor for guidance.


Topic C


Troubleshoot Common Laptop Issues 


EXAM OBJECTIVES COVERED 
1001-5.5 Given a scenario, troubleshoot common mobile device issues while adhering to
the appropriate procedures.


Part of your duties as a CompTIA A+ technician will be helping users when they 
encounter problems with their mobile devices. In this topic, you will troubleshoot 
issues with laptop hardware and associated mobile app issues. 


COMMON LAPTOP ISSUES 


The same basic approach to troubleshooting applies for laptops as it does for desktop 
PCs, though there are some issues specific to laptops and other portable devices that 
you should be aware of. 


* Display issues, including problems with built-in display devices, touchscreens, and 
external displays. 

* Power and cooling issues. 

* Input and output device issues. 

* Communication and connectivity issues. 

* Issues with GPS and location services. 

* OS and app issues, such as performance problems and unresponsive apps. 


DISPLAY ISSUES 
Display issues include: 


* Problems with a built-in display. When you are troubleshooting a laptop display, 
you will often need to take into account the use of the integrated display and/or an 
external display and how to isolate a problem to a particular component, such as 
either display, the video card, or a display toggle. 


The components most likely to fail on an older LCD screen are the backlight and 
inverter. The backlight is a fluorescent bulb that illuminates the image, making it 
bright and clear. The inverter supplies the correct AC voltage to the backlight. If the 
display has been flickering or if the image is very dim, but still present, suspect a 
problem with the backlight or inverter rather than the LCD itself. As you may know 
if you have fluorescent lighting at home, the inverter is more likely to fail than the 
tube itself. 


Many laptops now use LED arrays for the backlight. As these work off DC power, 
there is no inverter. 


The LCD is only likely to need replacing if it gets physically damaged. 


Note: As well as the display itself, it is fairly common for the plastics around the case
to get cracked or broken and for the hinges on the lid to wear out. The plastics are
mostly cosmetic (though a bad break might expose the laptop's internal components
to greater risks) but if the hinges no longer hold up the screen, they will have to be
replaced.


The backlight, inverter, or screen on a laptop can be replaced by unscrewing the
plastic bezel (the screws will be concealed by rubber stoppers). Take care not to 
damage the connectors once the panel has been freed from its housing. 

* Problems with a touchscreen. Common touchscreen issues include:

  * Touchscreen is not responsive.
  * Touchscreen doesn't act as expected.

* Problems with an external display. External display issues include:

  * No image on external display.
  * Wrong image on external display.
  * External display image is too large or too small.


GUIDELINES FOR TROUBLESHOOTING DISPLAY ISSUES 
Note: All of the Guidelines for this lesson are available as checklists from the Checklist 
tile on the CHOICE Course screen. 


Here are some guidelines for troubleshooting display issues. 


TROUBLESHOOT BUILT-IN DISPLAY ISSUES 


Consider these guidelines when you need to troubleshoot built-in display issues: 


* Determine whether the source of the problem is the integrated display, an external 
display, or other component of the display subsystem. 


* First check that the video card is good by using an external monitor. Toggle the 
appropriate Fn key—usually Fn+4 or Fn+8. Alternatively, there should be a very 
dim image on the LCD if the graphics adapter is functioning but the backlight/ 
inverter has failed. 

* Ensure the laptop is switched to using the built-in display again. Check that 
power management settings are not set to an energy saving mode that disables 
or dims the backlight. 

* Check that a cutoff switch (a small plastic pin near the hinge connecting the LCD 
to the rest of the chassis) is not stuck. When it is depressed, power to the 
backlight is switched off. 

* If all these tests are negative, the backlight, inverter, or cable has failed. If the 
backlight flickers (or has been flickering before complete failure), there's more 
likely to be a problem with the inverter. An inverter can be tested using a bulb or 
multimeter, but at this point you will probably need to book the laptop in for 
repair or use it with an external monitor only. 

* Check for physical damage. If the display is damaged (if it has been bent or dented, 
for example), this can cause pixelation problems—areas of the image break down 
with mis-coloring, blockiness, or jaggedness. 

* Check the resolution. LCDs are best used at the native resolution. Any other 
resolution will produce some distortion in the image, which isn't a sign of a fault in 
the screen itself. Also, fast changing images (such as those produced by video 
playback) can produce artifacts on low quality screens. 

* Check the driver. When updating the driver for a display adapter, check whether the 
laptop vendor has released their own driver. Laptops often contain OEM (Original 
Equipment Manufacturer) versions of graphics adapters and you need to use the 
system vendor's driver rather than the retail driver. 


TROUBLESHOOT TOUCHSCREEN ISSUES 


Consider these guidelines when you need to troubleshoot touchscreen issues such as 
unresponsive or misbehaving touchscreens: 

* Verify that the touchscreen is clean. 
* Look for evidence that the laptop might have been dropped or severely damaged. 


* Try using the device in a different location in case some source of electromagnetic 
interference (EMI) is affecting the operation of the touchscreen. 


* If the laptop has just been serviced, check that the right wires are still connected in 
the right places for the digitizer to function. Remember to ask "What has changed?" 


* If you cannot identify an obvious physical problem, you should attempt to rule out a 
software problem before suspecting a more serious hardware problem. 
* In many cases, a restart may solve the problem. 


* In Windows, you can also try uninstalling the touchscreen driver and reinstalling 
the device, using the latest driver if possible. 


* You could also try running the calibration utility. 


Note: Removing a faulty digitizer from an existing display can be tricky. It might be 
cheaper to replace the whole unit, depending on the cost of parts. 


TROUBLESHOOT EXTERNAL DISPLAY ISSUES 


Consider these guidelines as you troubleshoot external display issues such as no 
image or wrong image on an external display, or if the external display image is too 
large or too small: 


* A keyboard toggle switch cuts the display between built-in only, both 
simultaneously, and external only. Verify this switch is set properly. 

* Windows display settings control whether the external display duplicates or extends 
the built-in one. If there is no external image and the toggle button is set correctly, 
after checking other obvious things (Is the external display switched on? Is it in 
power-saving mode? Is it set to the correct input mode? Is the cable connected?), 
check that the resolution for the external display is appropriate. 

* Look for updated drivers for the graphics adapter and laptop chipset (system 
software). 

* Try a different display unit and/or cable to rule out hardware problems. 


Note: If the external display is connected via a cable, try using a different (known 
good) cable. If the display is using a wireless connection, such as Miracast or Wi-Fi 
Direct, check that both device and display support the same standards. 


POWER AND COOLING ISSUES 


Power and cooling issues include battery issues, AC power issues, and overheating. 


* Battery issues. If you are working from the battery, first check that it is inserted 
correctly and seated properly in its compartment. Also check whether the battery 
contacts are dirty. You can clean them by using alcohol preps or even just a dry 
cloth. 


An LED may be present to indicate when the laptop is running on battery power or 
an LED may simply show when a battery is being charged. If the battery is properly 
inserted and still does not work, it is most likely completely discharged. If the 
battery will not hold a charge, it could be at the end of its useful life. You can test 
this by using a "known good" battery; if this does not work, then there is something 
wrong with the power circuitry on the motherboard. 


Properly caring for the battery not only prolongs battery life, but also mitigates 
health and safety risks. Using an incorrect battery charging cable or exposing a 
battery to harsh environmental conditions, such as extreme heat, can result in an 
explosion. 

* Short battery life. As batteries age, the maximum charge they can sustain 
decreases, so short battery life will usually indicate that the battery needs replacing. 
If the battery is not old or faulty, you could suspect that an app is putting excessive 
strain on the battery. In Windows 10, you can use the Settings app to identify 
whether an app is having an adverse effect on battery life. 


Battery status and notifications in Windows 10. (Screenshot used with permission from Microsoft.) 

* Swollen batteries. If you notice any swelling from the battery compartment, 
discontinue use of the laptop immediately. Signs that the battery has swollen can 
include a device that wobbles when placed flat on a desk or a deformed touchpad 
or keyboard. A swollen battery is usually caused by overcharging, indicating some 
sort of problem with the battery's charging circuit, which is supposed to prevent 
overcharging. If a device is exposed to liquid, this could also have damaged the 
battery. 


Li-ion batteries are designed to swell to avoid bursting or exploding but great care 
must be taken when handling a swollen battery to avoid further damage that may 
cause it to burst or explode. It may also be a fire hazard and/or be leaking hazardous 
chemicals—do not allow these to come into contact with your skin or your eyes. If 
the battery cannot be released safely and easily from its compartment, contact the 
manufacturer for advice. You should also contact the manufacturer for specific 
disposal instructions. A swollen battery should not be discarded via standard 
recycling points unless the facility confirms it can accept batteries in a potentially 
hazardous state. 


Note: Problems with batteries and AC adapters often occur in batches. Make sure you 
remain signed up to the vendor's alerting service so that you are informed about any 
product recalls or safety advisories. 

* AC power issues. AC power issues usually surface as problems with a battery not 
charging, slow performance, devices not functioning, error messages, and 
spontaneous rebooting. 

* Overheating. Overheating can be a considerable problem with laptops due to their 
compact size and integrated design. The components are all within close proximity 
and can generate and trap a lot of heat. 

Dust trapped in cooling passages acts as an insulator and can prevent proper 
cooling, possibly resulting in overheating. Excessive heat should be avoided in such 
devices as it can shorten the life of components. 

The bottom surface of the laptop gets quite hot when improperly ventilated. This 
can easily happen when laptops are put on soft surfaces, on people's laps, or in 
places where there is not enough room between the vents and a wall. Sometimes 
people will get careless and unwittingly cover the vents with books, mouse pads, 
etc. 

There are several cooling methods and considerations used to keep the devices 
within a safe heat range for operation: 

* Laptop CPUs are engineered to draw less power and thus run cooler than their 
similarly rated desktop counterparts. 

* Fans are used to move the hot air out from the inside of the laptop case. 

* Limit the use of the laptop battery as much as possible. The battery itself can be 
a heat source. 

* Laptop cooling (or chiller) pads are accessories that are designed to sit under the 
laptop to protect a user from getting a burn from a device overheating. The 
cooler is placed underneath the laptop to move the air away from the device. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


GUIDELINES FOR TROUBLESHOOTING POWER AND 
COOLING ISSUES 


Here are some guidelines for troubleshooting power and cooling issues. 


TROUBLESHOOT BATTERY ISSUES 

Some simple guidelines for acceptable battery maintenance include: 

* Follow manufacturer instructions on the proper charging and discharging of the 
battery. 

* Use the battery charger provided by the manufacturer or an approved replacement 
charger. 

* Never expose the battery to fire or water or drop, throw, or jolt the battery. 

* Only use the recommended battery for your device. 

* Make use of power management features included with your device/OS to prolong 
battery life. 


TROUBLESHOOT AC POWER ISSUES 

Consider these guidelines as you troubleshoot AC power issues: 

* If there is a power problem, first establish how the laptop should be operated and 
confirm that this procedure is being followed. For example, some laptops require 
that a battery be present, even on AC power. 

* If you experience problems working from AC power, first test the outlet with a 
"known good" device (such as a lamp). Next check that an LED on the AC adapter is 
green; if there is no LED, check the fuse on the plug and if available, try testing with 
a "known good" adapter. 

If this does not work, inspect the DC socket on the laptop for any sign of damage. 
You could also check the AC adapter using a multimeter. 


Note: Most adapters contain a circuit breaker to prevent overloads. If this trips, it will 
be a few minutes before the adapter will work again. 


Sometimes AC adapters can get mixed up. If an underpowered adapter is used—for 
example, a 65 W adapter is plugged into a 90 W system—the laptop BIOS will 
display a warning at boot time. 

As with desktops, spontaneous reboots may indicate a power problem, though a 
more likely cause is overheating. Another possibility is that peripherals are trying to 
draw down too much power. 

Try disconnecting drives from the media bays or USB then re-booting to see if the 
problem is fixed. Note that larger 3.5" hard drives and external CD/DVD writers will 
typically require their own power supply, even if connected via USB. 


TROUBLESHOOT COOLING ISSUES 


Consider these guidelines as you troubleshoot cooling issues: 


Because laptops do not have the air circulation that desktop PCs do, it is important 
to keep the device air ducts clean. 

In servicing laptops, it is a good practice to regularly blow dust from the cooling 
passages using compressed air or vacuum it with an electronics vacuum. When 
using compressed air to clean the inside of the laptop, you must be cautious of the 
internal components. It is easy to damage other components inside the laptop 
while cleaning. 


INPUT AND OUTPUT DEVICE ISSUES 


Here are some common issues you might encounter with laptop input and output 
devices: 


Input devices. The main problem with keypads tends to be stuck keys. 


Be aware that the Function (Fn) keys can often be used to disable devices, such as 
the wireless adapter. Each device will have an LED on the chassis showing whether 
it is enabled or not. 


If the laptop does not have a separate keypad, users may become confused when 
NumLock is active and the keys go to numeric input. 


Another issue is with using an external keyboard and experiencing problems with 
the Function key being locked. This can typically be solved by turning off NumLock 
on the external keyboard. 

Another problem is where the touchpad is configured to be too sensitive and typing 
causes vibrations that move the cursor. Examples include the pointer drifting across 
the screen without any input or a "ghost cursor" jumping about when typing. 

Sound and speaker issues. On a laptop, problems can arise with the onboard 
speakers and with external speakers, resulting in no sound or distorted sound. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


GUIDELINES FOR TROUBLESHOOTING INPUT AND OUTPUT 
DEVICE ISSUES 


Here are some guidelines for troubleshooting input and output device issues. 


TROUBLESHOOT INPUT AND OUTPUT DEVICE ISSUES 


Consider these guidelines as you troubleshoot input and output device issues: 


* If there is debris under a key, try cleaning with compressed air. 

* If the laptop has been serviced recently and the keyboard has stopped working, 
check that the connector has not been dislodged as some service operations 
require the keyboard to be removed. 


Note: Removing a key on a laptop keyboard can be a risky proposition. They are 
typically not the type of key where the key cap is in a peg, which you find on full-sized 
keyboards. Laptop keys are usually floating on a dual-hinge mechanism, usually 
plastic, that will easily break if you attempt to remove it forcefully. Refer to the 
manufacturer's instructions when attempting to fix a key on the keyboard. 


* If a device that is activated via a function key is not working, check that it has not 
been disabled by accident. 

* If the wrong characters appear when you type, check the NumLock status indicator 
if available. 

* For touchpad issues, install up-to-date drivers and configure input options to suit 
the user. Many laptops now come with a Fn key to disable the touchpad. 


Note: Conversely, mouse problems can often arise following the installation of 
updates or version upgrades. Try to identify "what changed?" when troubleshooting 
problems like this. 

* If no sound is played from the onboard speakers: 

* Check that the volume controls have not been turned all the way down or that 
sound has not been muted. Remember that on a laptop there may be function 
or multimedia keys to control the volume. 

* Check that the correct playback device is configured in Windows (using the 
Sound applet in Control Panel). The applet includes a utility that can test the 
speaker setup. 

* If you cannot locate a configuration problem, try connecting external speakers or 
a headset to identify whether the problem may be with the internal speaker unit. 

* If there is no sound from either type of output, suspect a problem with the 
sound card or internal wiring. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


COMMUNICATION AND CONNECTIVITY ISSUES 


Wi-Fi and Bluetooth connectivity issues on a laptop can be approached in much the 
same way as on a PC. Problems can generally be categorized as either relating to 
"physical" issues, such as interference, or to "software" configuration problems. 


* Remember that wireless devices need power. 
* Wireless devices can often experience difficulties following the laptop being put into 
sleep or hibernation mode. 


* If there are intermittent connectivity problems, be aware that wireless input and 
communications devices can experience trouble with interference. 


Note: The radio antenna wire for a mobile will be built into the case (normally 
around the screen). 


GPS AND LOCATION SERVICES 


Here are some issues you might encounter with GPS and location services: 


GPS and other wireless functions do not seem to work at all, or they work only 
intermittently. 

GPS does not usually work well indoors as the satellite signals lack the power to 
penetrate dense construction material. Most devices use a combination of GPS and 
the Indoor Positioning System (IPS), which uses information from nearby Wi-Fi 
hotspots, to provide location services. 


GUIDELINES FOR TROUBLESHOOTING COMMUNICATION 
AND CONNECTIVITY ISSUES 


Here are some guidelines for troubleshooting communication and connectivity issues. 


TROUBLESHOOT COMMUNICATION AND CONNECTIVITY ISSUES 
Consider these guidelines when you are troubleshooting issues with communication 
and connectivity: 


If there is a problem with wireless, Bluetooth, or cellular data/GPS: 


* Verify that the adapter is enabled. 

* Check the status of function key toggles on a laptop or use the notification shade 
toggles on a mobile device to check that something like airplane mode has not 
been enabled. 

* Different wireless functions may be toggled on or off selectively or collectively. 

* If the laptop has been serviced recently and wireless functions have stopped 
working, check that the antenna connector has not been dislodged or wrongly 
connected. 

If a wireless device such as a Bluetooth mouse or keyboard that has been working 
stops, it probably needs a new battery. 

If you experience problems restoring from hibernate or sleep mode, try cycling the 
power on the device or reconnecting it and check for updated drivers for the 
wireless controller and the devices. 

If you are experiencing intermittent connectivity issues: 


* Try moving the two devices closer together. 

* Try moving the devices from side-to-side or up-and-down. 

* Consider using a Wi-Fi analyzer to measure the signal strength in different 
locations to try to identify the source of interference. 

If there is a problem with the Global Positioning System (GPS): 

* Check that the GPS receiver is enabled and that the laptop is not in airplane 
mode. 

* Ensure that Location Services are enabled for the device. 

* Verify that each app has been granted permission to use the service. If the app 
does not prompt for permission when it has not been granted, try uninstalling and 
reinstalling the app. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


OS AND APP ISSUES 


Although this topic covers common laptop hardware issues, you should also be aware 
of some problems that can arise from OS and app issues. 


* Slow performance. 

* Unresponsive devices and apps. 

* Email issues. Users often want to send confidential email with the assurance that 
only the recipient can read it. To do this, the recipient sends the sender a digital 
certificate and the sender uses the public key in that certificate to encrypt the 
message. The recipient then uses another part of the certificate (the private key) to 
decrypt the message. If the certificate is missing or not recognized, the device will 
be unable to decrypt the email. 
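
The exchange described in the email issues bullet above, as an added example that is not part of the original course text. It uses the openssl command line (an assumption; the course names no tool) with made-up identities alice and bob, keeps each private key in its own file beside the certificate, and shows that a message encrypted to one certificate cannot be read where that certificate or its matching key is absent.

```shell
#!/bin/sh
# Added example (constructed): encrypting mail to a recipient's certificate
# with the openssl smime command. Identity and file names are made up.

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_identity NAME
# Creates NAME.key (private key, stays with the recipient) and NAME.crt
# (self-signed certificate carrying the public key, handed to senders).
make_identity() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.crt" >/dev/null 2>&1
}

# encrypt_for NAME INFILE OUTFILE
# The sender needs only the recipient's certificate.
encrypt_for() {
    openssl smime -encrypt -binary -aes256 \
        -in "$2" -out "$3" "$WORK/$1.crt" 2>/dev/null
}

# decrypt_as NAME INFILE
# Writes the plaintext to stdout. Returns non-zero when NAME's certificate is
# not the one the message was encrypted to, or when the key file is missing.
decrypt_as() {
    openssl smime -decrypt -binary -in "$2" \
        -recip "$WORK/$1.crt" -inkey "$WORK/$1.key" 2>/dev/null
}

# can_read NAME INFILE ORIGINAL
# True only if NAME can decrypt INFILE and the result matches ORIGINAL.
can_read() {
    decrypt_as "$1" "$2" > "$WORK/$1.out" && cmp -s "$WORK/$1.out" "$3"
}

# --- demo with constructed data ---
make_identity alice
make_identity bob
printf 'Q3 figures attached\n' > "$WORK/msg.txt"
encrypt_for alice "$WORK/msg.txt" "$WORK/msg.p7m"

for who in alice bob; do
    if can_read "$who" "$WORK/msg.p7m" "$WORK/msg.txt"; then
        echo "$who: decrypted"
    else
        echo "$who: cannot decrypt (certificate/key does not match the message)"
    fi
done
```

When a user reports an unreadable encrypted message, the same check applies on the device: confirm that the certificate the sender used and its private key are both installed there.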


GUIDELINES FOR TROUBLESHOOTING OS AND APP ISSUES 


Here are some guidelines for troubleshooting OS and app issues. 


TROUBLESHOOT OS AND APP ISSUES 


Consider these guidelines as you troubleshoot OS and app issues on a laptop: 
* For slow performance issues: 


* A Windows laptop might suffer from slow performance for the same reasons as 
a PC and you should approach troubleshooting in the same way. 


* Slow performance on a mobile device is likely either to be caused by an app that 
requires a higher system specification or by running too many apps. Mobile 
devices are designed to manage system requirements without intervention from 
the user, but it may be worth closing all apps in case there is a fault in one that 
has not been detected. 

* For unresponsive apps and devices: If an app or the mobile device as a whole is not 
responding—for example, if the screen is frozen or if apps are not loading—or 
performing very slowly, the best solution is usually to perform a reset. 


* App reset: use this if a particular app is not responding. In iOS®, double-click 
Home twice to open the multitasking toolbar then tap-and-hold the app and 
click the Stop icon that appears when it starts jiggling. In Android™, you can 
manage an app's cached data and access a Force Stop option through 
Settings—Applications—Manage Applications. 

* Restart/"soft" reset/power cycle: essentially rebooting the device (without losing 
any settings or data). Holding the Sleep/Wake/Power button down for a few 
seconds brings up a menu prompting the user to turn off the device. When 
troubleshooting, leave the device powered off for a minute then restart by 
holding the Sleep button again. 

* Forced restart: if the touchscreen is not responding to input and you cannot 
perform a power cycle normally, you can force the device to turn off. On an 
Android device, hold down the Sleep/Wake/Power button for 10 seconds; in 
iOS, hold Home+Sleep for 10 seconds. 


* Factory reset/erase: this deletes any user data and settings and puts the device 
in its "vanilla" factory state. In iOS, use Settings—General—Reset—Erase All 
Content and Settings. In Android, select Settings—Backup & reset—Factory 
data reset. 


Note: These procedures can vary from device-to-device so always check the 
instructions. If you cannot get an ordinary screen in Android, check the vendor 
documentation for the hardware buttons to use to get to a boot recovery screen (from 
a powered off state, Power+Volume Down is typical). iOS can be booted in recovery 
mode by holding the Home button when connecting the device to iTunes over USB. 

* For email issues, use the email client or encryption program's support 
documentation to find out how to install or locate the appropriate certificate. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 

Activity 8-4 


Troubleshooting Common Laptop 
Issues 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. You are troubleshooting a laptop display. 


If the laptop can display an image on an external monitor but not the built-in 
one, which component do you know is working, and can you definitively 
say which is faulty? 


2. You received a user complaint about a laptop being extremely hot to the touch. 


What actions should you take in response to this issue? 


3. A user complains that their Bluetooth keyboard, which has worked for the last 
year, has stopped functioning. 


What would you suggest is the problem? 


4. A user working in graphics design has just received a new laptop. The user phones 
to say that performance with the graphics program in the office is fine but dismal 
when he takes the laptop to client meetings. 


What could be the cause? 

5. A laptop user reports that they are only getting about two hours of use out of the 
battery compared to about three hours when the laptop was first supplied to 
them. 


What do you suggest? 


6. A laptop user is complaining about typing on their new laptop. They claim that the 
cursor jumps randomly from place-to-place. 


What might be the cause of this? 

Summary 


In this lesson, you performed support and troubleshooting routines on laptop 
computers. Familiarity with using various laptop features and technologies, as well as 
installing, configuring, and troubleshooting laptop components and behavior, will no 
doubt contribute to your success as an A+ support technician. 


In your professional experience, have you supported laptop computers? If not, 
what kind of experience do you have with using them? 


Of the common laptop issues discussed in this lesson, which do you expect to 
encounter most often? Briefly explain your response. 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 

Lesson 9 


Supporting and Troubleshooting Mobile 
Devices 


LESSON INTRODUCTION 


Mobile devices are everywhere today. Because of their portability and powerful computing 
capabilities, they are prominent in most workplaces. So, as a certified CompTIA® A+® technician, 
you will be expected to configure, maintain, and troubleshoot mobile computing devices. With the 
proper information and the right skills, you will be ready to support these devices as efficiently as 
you support their desktop counterparts. 


LESSON OBJECTIVES 


In this lesson, you will: 

* Describe characteristics of mobile devices. 

* Connect and configure mobile device accessories. 
* Configure network connectivity for mobile devices. 
* Support mobile apps. 

* Secure mobile devices. 


* Troubleshoot mobile device issues. 

Topic A 


Mobile Device Types 


EXAM OBJECTIVES COVERED 
1001-1.4 Compare and contrast characteristics of various types of other mobile devices. 


Driven by the iPhone® and iPad®, the last few years have seen a huge uptake in the use 
of mobile devices. In some instances they have replaced traditional computer form 
factors (laptop and desktop) for day-to-day tasks, such as messaging/email and 
browsing the web. In this topic, you will learn about the smartphone and tablet form 
factors and about other types of portable computing technologies. 


MOBILE DEVICES 


As an A+ technician, your primary focus is likely to be on the more traditional system 
hardware components and laptop technologies. However, you might also be asked to 
support devices in the mobile computing realm. Not only has mobile technology 
reached a new level of performance and portability, but also the use of these devices is 
on the rise every day. As a certified A+ technician, you will be expected to understand 
how these devices work and how they should be deployed within the workplace. 


Mobile devices such as smartphones and tablets are based on one of three operating 
systems (Apple® iOS®, Android™, or Windows Mobile®) and a store-based software 
ecosystem, which allows for third-party apps to be downloaded to add functionality to 
the device. The main distinction between a smartphone and tablet is the size of the 
device, rather than its functionality. 


The major smartphone and tablet vendors are Apple and Samsung. Other vendors 
include LG, Google™, HTC, Huawei, Motorola/Lenovo, Microsoft®, Nokia, Sony, and 
Amazon™. 


SMARTPHONES 


A smartphone is a device with roughly the same functionality as a personal computer 
that can be operated with a single hand. Previous handheld computers, known as 
Personal Digital Assistants (PDA), and earlier types of mobile phones with some 
software functionality (feature phones), were hampered by clumsy user interfaces. 
Modern smartphones use touchscreen displays, making them much easier to operate. 


Most smartphones have a screen size between 4.5" and 5.7". Leading smartphones 
provide high resolution screens. For example, the iPhone X has a resolution of 
2436x1125. 


Smartphones have fast multicore CPUs, anywhere between 2 and 6 GB system 
memory, and 16 GB+ flash memory storage. They come with features such as 
premium front and back digital cameras, input sensors like accelerometers, and Global 
Positioning System (GPS) chips. They can establish network links using Wi-Fi and a 
cellular data plan. 




Typical smartphone form factor. (Image © 123RF.com.) 


TABLETS 


Prior to the iPad, tablet PCs were usually laptops with touchscreens. The iPad defined a 
new form factor; smaller than a laptop and with no physical keyboard. Tablets tend to 
be sized at around either 10" or 7" screens. Tablets use a range of screen resolutions, 
depending on the price. Microsoft's Surface® 4 tablet features a resolution of 
2736x1824. 


An example of a tablet. (Image © 123RF.com.) 


Many Windows® mobile devices adopt a hybrid approach where a laptop can be 
converted into a tablet by flipping the screen. Microsoft's Surface Pro tablet is available 
with a detachable keyboard, which can also function as a cover for the screen. Other 
vendors are also producing hybrid devices that can function as both a laptop and a 
tablet. 

Network links are mainly established using Wi-Fi, although some tablets come with a 
cellular data option, too. 


PHABLET 

Phablets sit between smartphones and tablets in terms of size and usability. The name 
is a portmanteau of Phone and Tablet. They were first popularized by Samsung with 
their successful Note devices. Phablets have screen sizes between 5.5" and 7". These 
devices often come with a stylus which can be used for note taking, sketching, and 
annotations. 


Phablets always come with cellular data and a connection to the phone system, as well 
as Wi-Fi. 


MOBILE DEVICES VS. LAPTOPS 


Laptops and smartphones/tablets/hybrids are obviously all classes of portable or 
mobile devices, but you should be aware of the factors that distinguish them. 


| Factor | Description |
|---|---|
| Processors | CPUs and their chipsets for smartphones and tablets are often based on the ARM (Advanced RISC Machine) microarchitecture, such as the Apple A, Samsung Exynos, and NVIDIA Tegra derivatives. RISC stands for Reduced Instruction Set Computing. RISC microarchitectures use simple instructions processed very quickly. This contrasts with Complex (CISC) microarchitectures, which use more powerful instructions but process each one more slowly. Intel's PC/laptop CPU microarchitecture is CISC with RISC enhancements (micro-ops). As well as the computing power to keep up with increasingly complex apps and games available for these devices (many models are now dual- or quad-core and some use 64-bit CPUs), mobile CPUs must deliver power and thermal efficiency to maximize battery life to an even greater extent than laptops. |
| System memory | Tablet RAM (a low power DDR SDRAM variant) works much as it does in a PC or laptop to store instructions for the OS when it loads plus any apps the user starts. |
| Storage | Solid State Drives (flash memory) are used for mass storage rather than hard disks (though this is increasingly the case for laptops and PCs, too). |
| Component replacements/upgrades | Many of the hardware components of a laptop can be fixed and replaced when issues arise. There are few field-serviceable parts in a smartphone or tablet. What makes it difficult to repair a tablet is that the parts are soldered and not socketed. Many components are glued into place to keep them stable. When something breaks, in most cases, the entire device needs to be replaced. Similarly, components in a tablet are not upgradeable. |
| Operating System | Laptops can run a number of different operating systems, including versions from Microsoft®, Linux®, and UNIX®. Smartphones and tablets can only run the OS that the device was manufactured to run (iOS, Android, or Windows). |


MOBILE DISPLAY/TOUCH INTERFACE 


A touchscreen allows the user to control the OS directly by swiping or tapping with a 
finger (or with a stylus) rather than using navigation buttons or a scroll wheel. 


Modern mobile devices use capacitive touchscreens. These capacitive displays support 
multitouch, meaning that gestures such as "sweeping" or "pinching" the screen can be 
interpreted as events and responded to by software in a particular way. Newer devices 
are also starting to provide haptic feedback, or touch responsiveness, making virtual 
key presses or gestures feel more "real" to the user. On the latest models, screens 
feature light sensors to dim and brighten displays based on ambient conditions. Some 
devices also feature an eye tracking display to scroll up and down based on where the 
user is looking. 


The touchscreen itself is covered by a thin layer of scratch-resistant, shock-resistant 
tempered glass, such as Corning's Gorilla Glass. Some users may also apply an 
additional screen protector. If so, these need to be applied carefully (without bubbling) 
so as not to interfere with the touch capabilities of the screen. 


Apple uses its own version of shatter resistant glass on its current models which is 
coupled with its branded Retina Display. Other manufacturers utilize Samsung-derived 
displays, whereas Samsung's flagship phone utilizes a curved OLED display. 


Most mobile devices can be used either in portrait or landscape orientation. A 
component called an accelerometer can detect when the device is moved and change 
the screen orientation appropriately. There will actually be three accelerometers to 
measure movement along three axes. Newer devices may use both accelerometers 
and gyroscopes to deliver more accurate readings. As well as switching screen 
orientation, this can be used as a control mechanism (for example, a driving game 
could allow the tablet itself to function as a steering wheel). 


On some devices, these sensors can be calibrated via a utility that uses a 
predetermined pattern of movement to calibrate the sensor. 


MOBILE DEVICE FORM FACTORS 


Mobile devices are even less likely than laptops to have field serviceable parts. The 
electronics will be densely packed and often soldered or glued together. Most will 
require return to the manufacturer to replace failed components such as a battery, 
display screen, or storage device. 




Mobile handset with cover removed—note the slot for the SIM card in the top-right and that the 
battery is accessible but not designated as user-removable. (Image by guruxox © 123RF.com.) 


Some mobiles have a user-replaceable battery, accessed by removing the cover. There 
will also be a port for a Subscriber Identity Module (SIM) card for GSM-based or 4G LTE 
cellular access. This may also be fitted by removing the case. Refer to the device 
documentation for instructions on removing the case. Always power off the device 
before opening the case. 


Caution: While it would usually void the warranty to further disassemble the device, 
there may be some circumstances in which you want to replace a part yourself. The best 
guide to doing so is a website hosting gadget "teardown" videos and repair guides, such 
as ifixit.com. 


E-READERS 


Unlike a tablet, an e-reader is designed for the sole purpose of reading digital books 
and magazines (with perhaps the option to add annotations). E-readers use 
electrophoretic ink (e-ink) technology to create an Electronic Paper Display (EPD). 
Compared to the LED or OLED display used on a tablet, an EPD has low power 
consumption but facilitates high contrast reading in a variety of ambient light 
conditions. In typical conditions, these screens do not need to use a backlight, saving 
power and extending battery life. It is not unusual to get several days of usage on a 
single charge for these devices. Like most tablets and smartphones, an e-reader is 
charged using a USB cable. 


An example of an e-reader device. (Image © 123RF.com.) 


E-readers are manufactured for major book retailers such as Amazon and Barnes and 
Noble. They have Wi-Fi connectivity to download e-books directly from the retailer's 
webstore. 


WEARABLE TECHNOLOGY 


Electronics manufacturing allows a great deal of computing power to be packed within 
a small space. Consequently, computing functionality is being added to wearable 
items, such as watches, bracelets, and eyeglasses. 


SMART WATCHES 

Smart watches have risen in popularity in recent years. Current competing 
technologies are based on the Android Wear OS, Samsung's Tizen OS, and Apple iOS, 
each with their own separate app ecosystems. A smart watch is likely to be 
customizable with different watch faces and wrist straps. 


An example of a smart watch. (Image © 123RF.com.) 


Most smart watches use Bluetooth® to pair with a smartphone. They are able to display 
key information at a glance (emails, messages, and social media status, for instance), 
allowing the user to better interact with the phone. Some newer smart watches are 
starting to appear with their own Wi-Fi connectivity, allowing use of the watch without 
proximity to a paired phone. 


As well as helping with personal information management, many smart watches come 
with health features. Technologies bundled include heart rate monitors via Infrared (IR) 
sensors, accelerometers to measure sleeping patterns and movement for exercise, 
plus cameras and IR sensors to operate devices such as TVs. 


FITNESS MONITORS 

As the name suggests, fitness monitors focus on exercise and health uses rather than a 
range of computing tasks. This makes them cheaper devices than smart watches. They 
usually connect via Wi-Fi or Bluetooth to send data to a mobile app or PC software for 
analysis. Some feature a GPS tracker to allow runners to map their exercise accurately. 


Example of a wearable fitness monitor. (Image © 123RF.com.) 


Features of fitness monitors might include: 

* Pedometer to count the steps taken during a specified period of time. 
* Accelerometer to measure the intensity of the workout. 
* Heart rate and blood pressure monitors. 
* A calculation of the number of calories burned. 


VR/AR HEADSETS AND SMART GLASSES 


A Virtual Reality (VR) headset is designed to replace what you can see and hear in the 
real world with sights and sounds from a game or conferencing app generated by 
software. There are tethered VR headsets that connect to a computer as a peripheral 
device, but it is also possible to use a smartphone with a headset to get the VR 
experience. 


Mobile VR headsets, such as Samsung Gear or Google Daydream View™, only work 
with selected (premium) smartphone models. These headsets contain lenses that split 
the smartphone display into a stereoscopic image, giving the illusion of depth. The 
headsets also come with a motion controller to allow you to interact with objects in the 
VR environment. 


Note: There are also standalone mobile VR headsets, such as the Oculus Go. This 
contains a basic smartphone (without cellular capability) embedded in the headset. Apple 
does not make a VR headset for the iPhone (at the time of writing), but there are 
third-party options. 


Augmented Reality (AR) is a somewhat similar technology to VR. Rather than provide 
a completely simulated environment, AR projects digital artifacts onto "ordinary" 
reality. This could be as simple as providing context-sensitive notes, messages, or 
advertising or as complex as generating digital avatars within the real world. This latter 
technique is exploited by popular smartphone camera games, such as Pokémon Go, 
which enables you to locate collectible cartoon characters in unlikely real world 
locations through your smartphone camera. Another use case is an app like Samsung's 
AR Emoji, which transforms people captured in the viewfinder in various unsettling 
ways. 


There are also some AR devices, though they have not gained a very large market yet. 
Smart glasses were pioneered by Google with their Google Glass range and Google is 
rumored to be working on a more sophisticated AR headset (codenamed Google A65 
at time of writing). Other AR-like devices are made by Microsoft (HoloLens®) and AiR for 
industrial applications. 


Example of smart glasses. (Image © 123RF.com.) 


Network connectivity and pairing with other mobile devices is provided by Wi-Fi and/or 
Bluetooth. Most AR headsets or smart glasses also come with a camera, and there are 
issues arising due to the potential invasion of privacy or breach of confidentiality such 
a relatively concealed recording device could pose. 


Input methods allowing the user to control the software running on the glasses include 
buttons, eye tracking, natural language voice input, plus gesture controls. 


GPS NAVIGATION DEVICES 


A Global Positioning System (GPS) chip is built into most smartphones and many 
tablets and other smart devices, but there are also dedicated GPS navigation devices 
(also called sat navs, for "satellite navigation"). These come in 5-6" models aimed both 
at in-vehicle use and smaller clip-on devices for walkers and cyclists. GPS devices 
combine providing an accurate geolocation system with map and local traffic 
information to allow users to plot routes and help them follow a route with 
turn-by-turn navigation advice. Some devices use over-the-air radio to provide live 
traffic information; other models have to be tethered to a smartphone to use its data 
plan. Most are touchscreen-operated with many models also supporting voice control. 


Activity 9-1 


Discussing Mobile Device Types 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What are the principal characteristics of the phablet form factor? 


2. What is the relevance of ARM to smartphones? 


3. True or false? Smartphones use a type of memory technology that works 
both as system memory and as persistent storage. 


4. What is meant by wearable technology? 


5. What technology gives an e-Reader better battery life than a tablet? 


Topic B 


Connect and Configure Mobile Device Accessories 


EXAM OBJECTIVES COVERED 

1001-1.5 Given a scenario, connect and configure accessories and ports of other mobile 
devices. 
1001-2.7 Compare and contrast Internet connection types, network types, and their 
features. 

Mobile devices gain much of their functionality by being able to connect to the user's 
regular computer. With their files made available on the mobile device, users can 
continue working on them away from the computer. Connecting the mobile device back to 
the computer might require additional accessories. In this topic, you will examine the 
connection types and accessories used for mobile devices. 


WIRED CONNECTIONS FOR ACCESSORIES 


Although mobile devices are designed to be self-contained, there is still a need to 
attach peripheral devices, connect to a computer, or attach a charging cable. 


APPLE DOCK AND LIGHTNING CONNECTORS 


Older Apple devices use a proprietary 30-pin dock connector, enabling connections to 
various peripheral devices. The dock is also used to charge the battery. A 
dock-connector to USB cable facilitates connections to a USB bus (that is, to a PC), 
though not the connection of USB devices such as hard drives to the iPhone/iPad. 


On the latest Apple devices, the 30-pin dock connector is replaced by an 8-pin 
Lightning® connector (also proprietary). The Lightning connector is reversible (can be 
inserted either way up). There are various Lightning converter cables to allow 
connections to interfaces such as HDMI, VGA, and SD card readers. 


USB CONNECTORS 

Android-based devices usually have a Micro-B USB port for charging and connectivity. 
You might find older devices using the Mini-B USB port. New devices are quickly 
adopting the USB-C connector. One issue for Android is that there is no standard way 
of positioning the connectors, so connections to devices such as speaker or charging 
docks tend to have to use a cable. 


WIRELESS CONNECTIONS FOR ACCESSORIES 


Short-range wireless connectivity is often a better option for mobile devices than wired 
connections. 


BLUETOOTH 


Bluetooth is used for so-called Personal Area Networks (PAN) to share data between 
devices and connect peripheral devices to hosts, such as smartphones and tablets. 
Bluetooth is a radio-based technology but it is designed to work only over close range. 
Bluetooth is quoted to work at distances of up to 10 meters (30 feet) for Class 2 devices 
or 1 meter (3 feet) for Class 3 devices. Devices supporting the Bluetooth 2.0 Enhanced 
Data Rate (EDR) standard have a maximum transfer rate of 3 Mbps; otherwise, the maximum 
rate is 1 Mbps. 


Note: Bluetooth 3 supports a 24 Mbps HighSpeed (HS) mode, but this uses a specially 
negotiated Wi-Fi link rather than the Bluetooth connection itself. 


Bluetooth needs to be enabled for use via device settings. You may also want to 
change the device name—remember that this is displayed publicly. Opening the 
settings page makes the device discoverable to other Bluetooth-enabled devices. 


Enabling Bluetooth on an Android device. In this figure, the Android device is named 
"COMPTIA-MOBILE." "COMPTIA" is a nearby Windows PC with Bluetooth enabled. 


NFC 


An increasing range of smartphone models have Near Field Communications (NFC) 
chips built in. NFC allows for very short range data transmission (up to about 20 cm/8 
in) to activate a receiver chip in the contactless credit card reader. The data rates 
achievable are very low but these transactions do not require exchanging large 
amounts of information. 


NFC allows a mobile device to make payments via contactless Point-of-Sale (PoS) 
machines. To configure a payment service, the user enters their credit card 
information into a Mobile Wallet app on the device. The wallet app does not transmit 
the original credit card information, but a one-time token that is interpreted by the 
card merchant and linked back to the relevant customer account. There are three 
major Mobile Wallet apps: Apple Pay, Android Pay, and Samsung Pay. Some PoS 
readers may only support a particular type of wallet app or apps. 


As with Bluetooth, NFC can be enabled or disabled via settings. The device must be 
unlocked to initiate a transaction. 


INFRARED (IR) 

Many mobile devices are also equipped with an infrared (IR) sensor or blaster. This is 
not used for data connections as such but does allow the device to interact with 
appliances such as TVs and set-top boxes. An app on the device can be installed to 
allow the mobile device to be used as a remote control for the appliance. 


TETHERING AND MOBILE HOTSPOTS 

Tethering refers to using a mobile device's cellular data plan to get Internet access on 
a PC or laptop (or other device). Not all carriers allow tethering and some only allow it 
as a chargeable service add-on. Connect the device to the PC via USB or Bluetooth, 
then configure tethering settings through the Settings > Network menu. 


Configuring tethering on an Android phone. The device in this figure is connected to the PC over USB, 
but you could use Bluetooth too. 


If you want to provide access to more than one device, you can enable the Mobile 
Hotspot setting. Configure the device with the usual settings for an access point 
(network name, security type, and passphrase) and then other devices can connect to 
it as they would any other WLAN. 


Lesson 9: Supporting and Troubleshooting Mobile Devices | Topic B 


Configuring mobile hotspot settings (left) then enabling it (right). In this figure, hosts can connect to the 
"COMPTIA-MOBILE-HOTSPOT" network and use the device's cellular data plan to get Internet access. 


COMMON MOBILE DEVICE ACCESSORIES 


Some popular peripheral options for mobile devices include the following: 


External keyboard: As the touchscreen keyboards can be quite small and difficult to use, 
an external keyboard facilitates any extended typing work. 

Headset: Provides audio input/output. As well as being useful for the phone function, 
some devices support voice recognition. There will usually be an audio connector for 
headsets or they can be connected via Bluetooth. 

Speaker dock: Allows the device to play audio through external speakers. These can be 
connected either via the data port, the 3.5 mm audio jack, or more commonly through 
Bluetooth. 

Game pad: Allows the use of a console-type controller (with joystick, cursor pad, and 
action buttons) with compatible mobile game apps. The game pad will come with some sort 
of clip to place the smartphone in. It must then be connected via USB or Lightning or 
paired with the device over Bluetooth. The functionality of the joystick and buttons is 
configured through each app individually. 

Micro-SD (Secure Digital) slot: Allows the device's internal storage to be supplemented 
with a removable memory card. 


DOCKING STATIONS 

As modern smartphones develop, manufacturers have been able to include processing 
power to rival some desktops and sometimes even replace them altogether. A 
smartphone docking station connects the device to a monitor and input devices 
(keyboard and mouse). 


Example of a smartphone dock. (Image © 123RF.com.) 


PROTECTIVE COVERS AND WATERPROOFING 


Although they are made from relatively tough components, mobiles are still prone to 
damage from dropping, crushing, scratching, or immersion. Rigid or rubber protective 
covers mitigate this risk a little. Covers can also often function as a stand so that the 
device can be placed upright on a desk. Many smartphone users also just like to 
personalize their phone with a cover. 


A screen protector is a thin but tough film designed to provide extra protection for the 
display without compromising touch sensitivity. 


Some cases are able to provide a degree of waterproofing. Some mobile devices are 
designed to be inherently waterproof. Waterproofing is rated on the Ingress 
Protection (IP) scale. A case or device will have two numbers, such as IP67. The first 
(6) is a rating for repelling solids, with a 5 or 6 representing devices that are dust 
protected and dust proof, respectively. The second value (7) is for liquids, with a 7 
being protected from immersion in up to 1 m and 8 being protected from immersion 
beyond 1 m. 


Note: If dust protection is unrated, the IP value will be IPX7 or IPX8. 


CREDIT CARD READERS 

For devices with the appropriate port, a credit card reader can be added to a tablet or 
smartphone. This enables mobile vendors, such as those at festivals or street vendors, 
to take credit card payments without having a network cable or phone line connected 
to the credit card reader. 


MOBILE POWER 

Obviously, smartphones and tablets are primarily designed to work from battery 
power but can be plugged into building power via the charging cable and adapter. 
Some devices come with removable battery packs but these are very much the 
exception rather than the rule. Most vendors try to design their devices so that they 
will support "typical" usage for a full day without charging. 


The charging speed that can be expected depends on what kind of USB connection is 
available: 

* USB over Type A/B ports and power adapters can supply up to 2.5 W (500 mA at 5 V) 
for USB 2 or 4.5 W (900 mA at 5 V) for USB 3. 
* Quick Charge (QC) adapters can deliver up to 18 W over USB Type A/B ports. 
* Computer ports and charging adapters using USB-C can nominally supply up to 100 
W (5 A at 20 V). Not all devices will be able to draw power at that level, though. 
* Wireless charging (by induction) pads and stands can supply up to 15 W. Most 
wireless charging devices are based on the Qi standard developed by the Wireless 
Power Consortium. Some chargers may be capable of charging multiple devices 
simultaneously. 
* Portable charging banks provide a larger battery, such as 10,000 or 20,000 milliamp 
hours (mAh), than is found in a typical phone. This allows the phone to be charged 
from the power pack two or three times before the power pack itself needs 
recharging. The output of these devices ranges from 2.1 A to about 5 A. 


Note: If connected to a computer (or a laptop running on AC power) the device will 
trickle charge, which takes longer (try disconnecting other USB devices to improve 
charge times using this method). Also, the Quick Charge standard imposes a phased 
charging regime to protect battery lifetime (overcharging can reduce the maximum 
possible charge more quickly). If power is available, the battery is fast-charged to 80% 
and then trickle charged. 


As the battery ages, it becomes less able to hold a full charge. If it is non-removable, 
the device will have to be returned to the vendor for battery replacement. 


Activity 9-2 


Discussing Mobile Device Accessory 
Connection and Configuration 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What type of peripheral port would you expect to find on a current 
generation smartphone? 


2. How would you upgrade storage capacity on a typical smartphone? 


3. What technology do smartphones use to facilitate payment at points of 
sale? 


4. True or false? An IP67-rated smartwatch could be considered risk-free for 
wear while swimming in an indoor pool. 


Topic C 


Configure Mobile Device Network Connectivity 


EXAM OBJECTIVES COVERED 

1001-1.6 Given a scenario, configure basic mobile device network connectivity and 
application support. 
1001-2.7 Compare and contrast Internet connection types, network types, and their 
features. 
1001-3.9 Given a scenario, install and configure common devices. 


In this topic, you will examine some of the features and methods used to connect 
mobile devices to networks and the Internet. 


CELLULAR DATA NETWORKS 


Cellular data means connecting to the Internet via the device's cell phone radio and 
the handset's cellular network provider. The data rate depends on the technology 
supported by both the phone and the cell tower (3G or 4G, for instance). When a 
mobile device uses the cellular provider's network, there are likely to be charges based 
on the amount of data downloaded. These charges can be particularly high when the 
phone is used abroad (referred to as roaming) so it is often useful to be able to disable 
mobile data access. 


Cellular data options in iOS (left) and Android (right). 


The indicator on the status bar at the top of the screen shows the data link in use. A 
device will usually default to Wi-Fi if present and show a signal strength icon. 
A device using a cellular data network may show a strength icon for a 4G network 
or the type of data network (H+ for HSPA+ for instance). 


The cellular data connection can usually be enabled or disabled via the notification 
shade but there will also be additional configuration options via the Settings menu. 
You can usually set usage warnings and caps and prevent selected apps from using 
cellular data connections. 


MOBILE HOTSPOTS AND TETHERING 

As explained earlier, tethering means connecting another device to a smartphone or 
tablet via USB or Bluetooth so that it can share its cellular data connection. You can 
also share the link by configuring the smartphone or tablet as an access point, turning 
it into a personal or mobile hotspot. 


Configuring an iPhone to work as a mobile hotspot. 
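An added example, not part of the course text: a Python check of the three hotspot settings named in both hotspot sections (network name, security type, passphrase), which also shows that the WPA2 key is derived from the network name as well as the passphrase. The 8 to 63 character WPA2 passphrase rule and the PBKDF2 derivation come from outside this page; the 12-character policy minimum and the sample passphrases are assumptions.

```python
import hashlib
import re

# Assumption for this example: a local policy minimum. WPA2 itself accepts 8.
POLICY_MIN_LENGTH = 12


def derive_psk(ssid: str, passphrase: str) -> str:
    """Return the 256-bit WPA2-Personal key as hex.

    The key is PBKDF2-HMAC-SHA1(passphrase, salt=network name, 4096 rounds),
    so renaming the hotspot changes the key even if the passphrase stays.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    salt = ssid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("network name must be 1 to 32 bytes")
    key = hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)
    return key.hex()


def audit_hotspot(ssid: str, security: str, passphrase: str = "") -> list:
    """Return a list of findings for one hotspot configuration (empty = OK)."""
    findings = []
    sec = re.sub(r"[\s_-]", "", security).upper()
    if sec in ("", "NONE", "OPEN"):
        return ["open network: any device in range can use the data plan"]
    if sec == "WEP":
        return ["WEP is a legacy security type: select WPA2"]
    if sec in ("WPA", "WPAPSK"):
        findings.append("WPA is a legacy security type: select WPA2")
    elif sec not in ("WPA2", "WPA2PSK"):
        return [f"unrecognized security type {security!r}"]

    try:
        derive_psk(ssid, passphrase)
    except ValueError as exc:
        findings.append(f"rejected by WPA2 rules: {exc}")
        return findings

    if len(passphrase) < POLICY_MIN_LENGTH:
        findings.append(
            f"passphrase is shorter than the {POLICY_MIN_LENGTH}-character policy"
        )
    # The network name is broadcast, so words taken from it add no secrecy.
    words = [w for w in re.split(r"[^a-z0-9]+", ssid.lower()) if len(w) >= 4]
    if any(w in passphrase.lower() for w in words):
        findings.append("passphrase contains part of the network name")
    return findings


# Constructed sample settings, using the hotspot name from the figure caption.
SAMPLES = [
    ("COMPTIA-MOBILE-HOTSPOT", "WPA2 PSK", "comptia1"),
    ("COMPTIA-MOBILE-HOTSPOT", "WPA2 PSK", "correct horse battery staple"),
    ("COMPTIA-MOBILE-HOTSPOT", "None", ""),
    ("COMPTIA-MOBILE-HOTSPOT", "WPA2 PSK", "short"),
]

if __name__ == "__main__":
    for ssid, security, passphrase in SAMPLES:
        result = audit_hotspot(ssid, security, passphrase)
        print(f"{security!r} / {passphrase!r}: {result or 'OK'}")
```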


CELLULAR RADIOS 


A cellular radio makes a connection using the nearest available transmitter (cell or 
base station). Each base station has an effective range of up to 5 miles (8 km). The 
transmitter connects the phone to the mobile and landline telephone networks. 
Cellular radio works in the 850 and 1900 MHz frequency bands (mostly in the 
Americas) and the 900 and 1800 MHz bands (rest of the world). There are two main 
cellular radio network types, each developing different standards for the "generations" 
of cellular data access (2G, 3G, and so on). Global System for Mobile Communication 
(GSM) is deployed worldwide while Code Division Multiple Access (CDMA) is adopted 
by carriers in the Americas. 


Note: Just to confuse things, GSM radios now use a type of CDMA technology too. In its 
technical sense, CDMA is a means of exchanging radio signals; it's just that the term 
"CDMA" has become a handy label to distinguish these networks from GSM. Within the 
US, Sprint and Verizon use CDMA while AT&T and T-Mobile use GSM. 


GSM NETWORKS AND SIM CARDS 

GSM works with a Subscriber Identity Module (SIM) card. The user adds the card to 
the device and the card obtains all the information it needs to connect to the network, 
including a phone number, radio frequency bands to use, and information about how 
to connect when roaming in different countries. Updates to this information are 
"pushed" to the card by the network provider so there is never a need to perform a 
manual update. 


Under GSM, a handset is identified by an International Mobile Station Equipment 
Identity (IMEI). It is used by the GSM network to identify valid devices and can be 
used to stop stolen phones from accessing the network, regardless of the SIM used. 


This number is usually printed on a label in the battery compartment on a mobile 
phone. If it is a sealed case, then the number will be found on the back or bottom of 
the device. You can also access the IMEI number by dialing *#06# and it will display the 
IMEI on the device screen. Any phone connected to a GSM network must have the IMEI 
number stored in the Equipment Identity Register (EIR) database. If a phone is 
reported as being lost or stolen, the IMEI number is marked to be invalid in the EIR. 


A SIM card is registered to a particular user and can be transferred between devices. 
The user is identified by an International Mobile Subscriber Identity (IMSI) number. 
The number is stored on the SIM card in the format: 

* Three-digit mobile country code. 
* Two-digit mobile network code. 
* Up to 10 digit mobile station identification number. 


Note: The IMEI number identifies the device. The IMSI number identifies the subscriber. 
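An added example, not part of the course text: Python for a device inventory that validates IMEIs as they are typed in and splits an IMSI into the three fields listed above, with a masked form for logs. The Luhn check digit, the 8+6+1 IMEI layout, and the fact that some networks use a three-digit network code come from outside this page; all sample values are constructed.

```python
import re
from dataclasses import dataclass


def luhn_ok(digits: str) -> bool:
    """True if a string of decimal digits passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


@dataclass(frozen=True)
class Imei:
    tac: str     # 8-digit Type Allocation Code (make and model)
    serial: str  # 6-digit serial number
    check: str   # Luhn check digit over the first 14 digits

    def __str__(self) -> str:
        return self.tac + self.serial + self.check


def parse_imei(raw: str) -> Imei:
    """Parse an IMEI typed in from a label or from the *#06# screen."""
    digits = re.sub(r"[\s/-]", "", raw)
    if not re.fullmatch(r"[0-9]{15}", digits):
        raise ValueError("IMEI must be exactly 15 decimal digits")
    if not luhn_ok(digits):
        raise ValueError("IMEI check digit does not match")
    return Imei(digits[:8], digits[8:14], digits[14])


@dataclass(frozen=True)
class Imsi:
    mcc: str   # three-digit mobile country code
    mnc: str   # mobile network code
    msin: str  # mobile station identification number (the subscriber part)

    def masked(self) -> str:
        """Form for logs: network codes kept, subscriber digits hidden."""
        keep = self.msin[-2:]
        return self.mcc + self.mnc + "*" * (len(self.msin) - len(keep)) + keep


def parse_imsi(raw: str, mnc_len: int = 2) -> Imsi:
    """Split an IMSI using the layout above; some networks need mnc_len=3."""
    digits = raw.strip()
    if mnc_len not in (2, 3):
        raise ValueError("mobile network code is two or three digits")
    if not re.fullmatch(r"[0-9]{1,15}", digits):
        raise ValueError("IMSI must be at most 15 decimal digits")
    msin = digits[3 + mnc_len:]
    if not 1 <= len(msin) <= 10:
        raise ValueError("subscriber part must be 1 to 10 digits")
    return Imsi(digits[:3], digits[3:3 + mnc_len], msin)


def audit_inventory(rows):
    """Return (asset_tag, problem) pairs for IMEIs that are invalid or reused."""
    seen = {}
    findings = []
    for tag, raw in rows:
        try:
            imei = str(parse_imei(raw))
        except ValueError as exc:
            findings.append((tag, str(exc)))
            continue
        if imei in seen:
            findings.append((tag, f"duplicate of {seen[imei]}"))
        else:
            seen[imei] = tag
    return findings


# Constructed sample data: not real devices or subscribers.
SAMPLE_INVENTORY = [
    ("PHONE-001", "35-000012-345678-8"),
    ("PHONE-002", "350000123456878"),   # two digits transposed while typing
    ("PHONE-003", "350000123456788"),   # same handset recorded twice
    ("PHONE-004", "35000012345678"),    # one digit missing
]
SAMPLE_IMSI = "001010123456789"

if __name__ == "__main__":
    for tag, problem in audit_inventory(SAMPLE_INVENTORY):
        print(tag, "->", problem)
    print(parse_imsi(SAMPLE_IMSI).masked())
```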


An unlocked handset can be used with any type of SIM card from the user's chosen 
network provider; a locked handset is tied to a single network provider. 


CDMA NETWORKS 


CDMA locks the handset to the original provider and does not require any sort of SIM 
card. Handsets are identified by a Mobile Equipment ID (MEID). Information that the 
cellular radio needs to connect to the network is provided as Preferred Roaming 
Index (PRI) and Preferred Roaming List (PRL) databases. 


Note: Handsets from CDMA providers might come with a SIM card but the SIM card is to 
connect to 4G networks, which are all GSM-based. A handset might also have a SIM card 
to support roaming when traveling internationally as CDMA networks are not widespread 
outside the Americas. 


BASEBAND UPDATES AND RADIO FIRMWARE 


A baseband update modifies the firmware of the radio modem used for cellular, Wi-Fi, 
Bluetooth, NFC, and GPS connectivity. Radio firmware in a mobile device contains an 
operating system that is separate from the end-user operating system (for example, 
Android or iOS). The modem uses its own baseband processor and memory, which 
boots a Realtime Operating System (RTOS). An RTOS is often used for time-sensitive 
embedded controllers, of the sort required for the modulation and frequency shifts 
that underpin radio-based connectivity. 


The procedures for establishing radio connections are complex and require strict 
compliance with regulatory certification schemes, so incorporating these functions in 
the main OS would make it far harder to bring OS updates to market. Unfortunately, 
baseband operating systems have been associated with several vulnerabilities over the 
years, so it is imperative to ensure that updates are applied promptly. These updates 
are usually pushed to the handset by the device vendor, often as part of OS upgrades. 
A handset that has been jailbroken or rooted might be able to be configured to 
prevent baseband updates or apply a particular version manually, but in the general 
course of things there is little reason to do so. 


Note: Jailbreaking and rooting mean circumventing the usual operation of the mobile 
OS to obtain super-user or root administrator permissions over the device. 


WI-FI NETWORKS AND HOTSPOTS 


Not all mobile devices support cellular radios, but every smartphone and tablet 
supports a Wi-Fi radio. 


In Android, you can use the notification shade to select a network or open the Wi-Fi 
settings menus. 


Using Android to join a Wi-Fi network (left). The device's network address can be checked using the 
Advanced Settings page (right). 


In iOS, Wi-Fi networks can be set up via Settings > Wi-Fi. Either select the network 
name (if it is being broadcast) and enter the credentials, or manually configure the SSID and 
security level (WEP, WPA, or WPA2, for instance). 


A hotspot is a location served by some sort of device offering Internet access via Wi-Fi. 
There are many ways to implement a hotspot: 


* A business may set up an open access point to allow public access (or require 
payment via a captive portal). 

* A smartphone or tablet might be configured to share its cellular data connection (a 
personal hotspot). 

* A "Mi-Fi" mobile broadband device is one dedicated to providing a personal hotspot 
service. 


When you are using a public hotspot, anyone else joined to the wireless network and 
the owner of the hotspot can easily intercept traffic passing over it. Consequently, 
users need to be careful to use SSL/TLS (with a valid digital certificate) to send 
confidential information to and from web servers and mail clients. Another option is to 
use a Virtual Private Network (VPN) to protect the browsing session. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Enable or Disable Network Connections on Mobile Devices. 


MOBILE VPN CONFIGURATION 


A Virtual Private Network (VPN) uses a protocol such as IPSec or Secure Sockets 
Tunneling Protocol (SSTP) to create a tunnel through a carrier network. The contents 
of the tunnel can be encrypted so that no one with access to the carrier network (such 
as an open access point) can intercept information passing through the VPN. 


A mobile VPN is one that can maintain the VPN link across multiple carrier networks, 
where the IP address assigned to the mobile device may change often. The Mobile VPN 
app assigns a virtual IP address to connect to the VPN server, then uses any available 
carrier network to maintain the link. It is also capable of sustaining the link when the 
device is in sleep mode. Mobile VPNs are usually implemented as third party apps on 
both Android and iOS devices. 


BLUETOOTH 


Bluetooth is a short-range (up to about 10 m) radio link, working at a nominal rate of 
up to about 3 Mbps (for v2.0 + EDR). The latest versions of Bluetooth support a 24 
Mbps data rate by negotiating a higher bandwidth link using the Wi-Fi radio. Bluetooth 
is used for so-called Personal Area Networks (PANs) to share data with a PC, connect to 
a printer, use a wireless headset, and so on. 

Bluetooth pairing. 


In iOS, Bluetooth devices are configured via Settings—General—Bluetooth. Switch 
Bluetooth on to make the device discoverable and locate other nearby devices. In 
Android, you can access Bluetooth settings via the notification shade. 


In Windows, you can manage Bluetooth Devices using the applet in Control Panel or 
Windows Settings and the Bluetooth icon in the notification area. The pairing 
system should automatically generate a passkey when a connection request is 
received. Input or confirm the key on the destination device and accept the connection. 

Pairing a Windows 10 computer with a smartphone. (Screenshot used with permission from 
Microsoft.) 


To test the connection, you can simply try using the device: check that music plays 
through Bluetooth headphones, for example. If you are connecting a device and a 
Windows PC, you can use the Bluetooth icon or the fsquirt command to launch the 
Bluetooth File Transfer Wizard and enable sending or receiving of a file. 


If you cannot connect a device, check that it has been made discoverable. Another 
option is to make the computer visible to Bluetooth devices (so that you can initiate a 
connection from the device rather than from Windows). You should also check that the 
PC is configured to allow connections (and that the Bluetooth radio is turned on). 


If you make a computer discoverable, check the pairing list regularly to confirm that 
the devices listed are valid. 


If you still cannot add or use Bluetooth devices, check that the Bluetooth Support 
Service is running. Also, consider using Device Manager to disable power 
management settings on the Bluetooth adapter and the problematic Bluetooth device. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Enable Bluetooth. 


AIRPLANE MODE 


Each type of wireless radio link can be toggled on or off individually using the Control 
Center (swipe up from the bottom in iOS) or notification shade (swipe down from the 
top in Android). For example, you could disable the cellular data network while leaving 
Wi-Fi enabled to avoid incurring charges for data use over the cellular network. Most 
airlines prevent flyers from using radio-based devices while onboard a plane. A device 
can be put into airplane mode to comply with these restrictions, though some carriers 
insist that devices must be switched off completely at times such as take-off and 
landing. Airplane mode disables all wireless features (cellular data, Wi-Fi, GPS, 
Bluetooth, and NFC). On some devices, some services can selectively be re-enabled 
while still in airplane mode. 


iOS iPhone (left) and Android phone (right) with Airplane (Aeroplane) mode enabled. 


EMAIL CONFIGURATION OPTIONS 


One of the most important features of mobile devices is the ability to receive and 
compose email. The settings are configured on the device in much the same way you 
would set up a mail account on a PC. For example, in iOS, open Settings—Mail, 
Contacts, Calendars then select Add Account. 


COMMERCIAL PROVIDER EMAIL CONFIGURATION 


Most mobile devices have integrated provider configurations that allow the OS to 
autodiscover connection settings. Autodiscover means that the mail service has 
published special Domain Name System (DNS) records that identify how the account 
for a particular domain should be configured. Many autodiscover-enabled providers 
will be listed on the device. Choose the mail provider (Exchange, Gmail™, Yahoo!®, 
Outlook®, iCloud®, and so on) then enter your email address and credentials and test 
the connection. 


Lesson 9: Supporting and Troubleshooting Mobile Devices | Topic C 


Configuring an autodiscover-enabled Exchange mail account in Android. 


CORPORATE AND ISP EMAIL CONFIGURATION 


Exchange is usually an integrated provider option and clients can autodiscover the 
correct settings. To manually configure an Exchange ActiveSync account you need to 
enter the email address and user name (usually the same thing) and a host address 
(obtain this from the Exchange administrator) as well as a password and the choice of 
whether to use SSL (most Exchange servers will require SSL). There is often also a field 
for domain but this is usually left blank. 


Note: If there is a single "Domain\User Name" field, prefix the email address with a 
backslash: \me@company.com. 


If you are connecting to an Internet Service Provider (ISP) or corporate mail 
gateway that does not support autodiscovery of configuration settings, you can enter 
the server address manually by selecting Other, then inputting the appropriate server 
addresses: 


* Incoming mail server—Internet Mail Access Protocol (IMAP) or Post Office 
Protocol (POP3). 


Note: Choose IMAP if you are viewing and accessing the mail from multiple devices. 
POP3 will download the mail to the device, removing it from the server mailbox. Note 
that Exchange doesn't use either POP3 or IMAP (though it can support them) but a 
proprietary protocol called Messaging Application Programming Interface 
(MAPI). 


* Outgoing mail server—Simple Mail Transfer Protocol (SMTP). 
* Enable or disable Secure Sockets Layer (SSL). 


Note: SSL protects confidential information such as the account password and is 
necessary if you connect to mail over a public link (such as an open Wi-Fi "hotspot"). 
Note that you can only enable SSL if the mail provider supports it. 


* Ports—the secure (SSL enabled) or unsecure ports used for IMAP, POP3, and SMTP 
would normally be left to the default. If the email provider uses custom port 
settings, you would need to obtain those and enter them in the manual 
configuration. 

Configuring an email account manually in iOS. 


S/MIME 


Connecting to email servers by using secure ports ensures that the password you use 
to connect is protected by encryption. It does not provide "end-to-end" encryption of 
the messages you send, however. Encryption of an actual email message by using 
digital certificates and digital signatures ensures that a message can be read only by 
the intended recipient, that the identity of the sender is verified, and that the message 
has not been tampered with. The main difficulty is that both sender and recipient must 
agree to use the same (or compatible) encryption products. There are two main 
standards: Pretty Good Privacy (PGP) and Secure Multipart Internet Mail 
Extensions (S/MIME). Both provide similar sorts of functions but use different 
mechanisms to trust digital identities. 


Both PGP and S/MIME work with digital certificates and public/private key pairs. It is 
important to understand the two different ways these key pairs are used in an 
asymmetric encryption system: 


* When you sign a message, you use your private key to validate who you are and 
give the public key related to that private key to anyone you want to communicate 
with. The public key allows the recipient to verify who you are. 

* When you want people to send you messages that only you can read, your public 
key is used by the sender to encrypt the message. Once encrypted, only your 
private key can decrypt it (your public key cannot be used to reverse the 
encryption). 


The encryption keys are stored and exchanged using digital certificates. Each mobile 
OS has a store for certificates, and for email encryption to work properly, the correct 
certificates and root certificates must be available to the application. In most scenarios, 
these would be added to the device using Mobile Device Management (MDM) 
software. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Configure Email Accounts. 


Activity 9-3 


Discussing Mobile Device Network 
Connectivity Configuration 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Why would a user be likely to disable cellular data access but leave Wi-Fi 
enabled? 


2. What is tethering? 


3. What serial number uniquely identifies a particular handset? 


4. What is the function of a smartphone's baseband processor? 


5. How do you configure an autodiscover-enabled email provider on a 
smartphone? 


6. True or false? S/MIME is used to configure a secure connection to a mailbox 
server, so that your password cannot be intercepted when connecting over 
an open access point. 


Activity 9-4 


Configuring Bluetooth 


SCENARIO 


Personal Area Networks (PAN) are widely used to provide connectivity for wireless 
peripherals, as well as Internet connection tethering and personal hot spots. In this 
activity, you will practice using Bluetooth to configure a PAN. 


1. Access the settings on the mobile device to determine which wireless connection 
methods are supported on your mobile device. 


Note: Your instructor will provide you with documentation or help guide you 
through this activity. As mobile devices vary widely, step-by-step directions would 
not necessarily apply to the devices available to you. 


2. Create a Bluetooth connection between two Bluetooth capable devices. 
a) Enable Bluetooth on the mobile device by using the system settings. 
b) Enable pairing on the device. 
c) On your mobile device, find a device for pairing. 
d) Once the device is found, it will ask for a PIN code. 


Depending on the type of device, the PIN code will be sent via a text, or will be a 
standard code, such as “0000” used for wireless headsets. 


e) Verify that a connection message has been displayed. 


f) Test the connection by using the two devices together to either transfer data, answer 
or make a call, or play music. 


Topic D 


Support Mobile Apps 


EXAM OBJECTIVES COVERED 
1001-1.7 Given a scenario, use methods to perform mobile device synchronization. 


1001-3.9 Given a scenario, install and configure common devices. 


Data synchronization is the process of automatically merging and updating common 
data that is stored on multiple devices. For example, a user can access his or her email 
contacts list from both his or her mobile device and his or her laptop computer. 
Synchronization is established when the devices are either connected via a cable or 
wirelessly, or over a network connection. In this topic, you will identify methods and 
best practices for managing accounts and apps and synchronizing mobile devices. 


MOBILE ACCOUNT SETUP 


Most mobile devices have a single user account, configured when the device is used for 
the first time (or re-initialized). This account is used to manage the apps installed on 
the device by representing the user on the app store. iOS requires an Apple ID while an 
Android device requires either a Google Account or a similar vendor account, such as 
a Samsung Account. This type of account just requires you to select a unique ID (email 
address) and to configure your credentials (pattern lock, fingerprint, face ID, and so 
on). Accounts can also be linked to a cellphone number or alternative email address 
for verification and recovery functions. 


Note: Multi-user capability is more useful on tablet devices (for use in the classroom, for 
instance) than on smartphones. Android has some multi-user functionality. Apple makes 
classroom deployment software available, but otherwise iOS is single user per device. 


As well as managing the app store, the account can be used to access various services, 
such as an email account and cloud storage. 


The user can set up sub-accounts for services not represented by their Apple ID or 
Google Account, such as a corporate email account. Each app can set up a 
sub-account, too. For example, your device might have accounts for apps such as Facebook 
or LinkedIn®. 


Account settings allow you to choose which features of a particular account type are 
enabled to synchronize data with the device. You can also add and delete accounts 
from here. 

iOS supports a single Apple ID account per device. (Screenshot courtesy of Apple.) 


MOBILE APPLICATIONS AND APP STORES 


Apps are installable programs that extend the functionality of the mobile device. An 
app must be written and compiled for a particular mobile operating system (Apple iOS, 
Android, or Windows). 


iOS APPS 


Apps are made available for free or can be bought from the App Store. Apps have to 
be submitted to and approved by Apple before they are released to users. This is also 
referred to as the walled garden model and is designed to prevent the spread of 
malware or code that could cause faults or crashes. Apps can use a variety of 
commercial models, including free to use, free with in-app purchases, or paid-for. 


Third-party developers can create apps for iOS using Apple's Software Development 
Kit (SDK) Xcode and the programming language Swift. Xcode can only be installed and 
run on a computer using macOS®. 


Note: There is also an Apple Developer Enterprise program allowing corporate apps to 
be distributed to employees without having to publish them in the App Store. 


Android's app model is more relaxed, with apps available from both Google Play™ and 
[...] 
available on Linux, Windows, and macOS. Apps are supposed to run in a sandbox and 
have only the privileges granted by the user. 

Use the Play Store to install an app (left), grant the app permissions (middle), and review permissions 
and other settings (right). 


An app will normally prompt when it needs to obtain permissions. If these are not 
granted, or if they need to be revoked later, you can do this via the app's Settings 
page. 

Android also allows third-party or custom programs to be installed directly via an 
Android Application Package (apk) file, giving users and businesses the flexibility to 
directly install apps (sideload) without going through the storefront interface. An APK 
file contains all of that program's code, including .dex files, resources, assets, 
certificates, and manifest files. Similar to other file formats, APK files can be named 
almost anything, as long as the file name ends in .apk. 
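

An added example, not from the course: an APK is a ZIP archive, so a support technician can inventory a sideloaded file's contents instead of trusting its name. The function names and sample archives are constructed for illustration, and the check looks only for JAR-style signature entries under META-INF.

```python
"""Inventory the contents of an APK before sideloading it.
An APK is a ZIP archive, so the standard library can read it.
Sample archives are built with build_sample_archive() and are constructed."""
import io
import zipfile

CERT_SUFFIXES = (".RSA", ".DSA", ".EC")            # JAR-style certificate blocks
SIGNING_SUFFIXES = CERT_SUFFIXES + (".SF", ".MF")  # plus signature and digest lists

# (category, test) pairs; the first matching rule wins.
RULES = (
    ("manifest", lambda n: n == "AndroidManifest.xml"),
    ("code", lambda n: n.endswith(".dex")),
    ("certificates", lambda n: n.startswith("META-INF/")
        and n.upper().endswith(SIGNING_SUFFIXES)),
    ("resources", lambda n: n.startswith("res/") or n == "resources.arsc"),
    ("assets", lambda n: n.startswith("assets/")),
)


def inventory_apk(data):
    """Group the archive's entries by the kinds of content an APK carries."""
    stream = io.BytesIO(data)
    if not zipfile.is_zipfile(stream):
        raise ValueError("not a ZIP container, so not an APK")
    groups = {category: [] for category, _ in RULES}
    groups["other"] = []
    with zipfile.ZipFile(stream) as archive:
        for entry in archive.namelist():
            for category, matches in RULES:
                if matches(entry):
                    groups[category].append(entry)
                    break
            else:
                groups["other"].append(entry)
    return groups


def triage(filename, data):
    """Return a list of findings; an empty list means the basic parts are present."""
    findings = []
    if not filename.lower().endswith(".apk"):
        findings.append("file name does not end in .apk")
    try:
        groups = inventory_apk(data)
    except ValueError as error:
        return findings + [str(error)]
    if not groups["manifest"]:
        findings.append("no AndroidManifest.xml")
    if not groups["code"]:
        findings.append("no .dex code")
    if not any(e.upper().endswith(CERT_SUFFIXES) for e in groups["certificates"]):
        # Newer signature schemes are stored outside the ZIP entries, so this
        # finding is a prompt to verify the signature properly, not proof.
        findings.append("no certificate entry under META-INF")
    return findings


def build_sample_archive(entry_names):
    """Build a constructed ZIP in memory with placeholder content."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        for name in entry_names:
            archive.writestr(name, b"constructed placeholder")
    return buffer.getvalue()


if __name__ == "__main__":
    well_formed = build_sample_archive([
        "AndroidManifest.xml", "classes.dex", "resources.arsc",
        "res/layout/main.xml", "assets/data.bin",
        "META-INF/MANIFEST.MF", "META-INF/CERT.SF", "META-INF/CERT.RSA",
    ])
    renamed_zip = build_sample_archive(["notes.txt"])
    for name, blob in (("app.apk", well_formed), ("invoice.apk", renamed_zip),
                       ("broken.apk", b"plain text")):
        print(name, triage(name, blob) or "basic structure present")
```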


TYPES OF DATA TO SYNCHRONIZE 


Mobile device synchronization (sync) refers to copying data back and forth between 
different devices. This might mean between a PC and smartphone or between a 
smartphone, a tablet, and a PC. Many people have multiple devices and need to keep 
information up-to-date on all of them. If someone edits a contact record on a phone, 
they want the changes to appear when they next log into email on their PC. 


Data synchronization. (Image © 123RF.com.) 


There are many different types of information that users might synchronize and many 
issues you might face dealing with synchronization problems. 


CONTACTS 


A contact is a record with fields for name, address, email address(es), phone numbers, 
notes, and so on. One issue with contacts is that people tend to create them on 
different systems and there can be issues matching fields or phone number formats 
when importing from one system to another using a file format such as Comma 
Separated Values (CSV). vCard represents one standard format and is widely 
supported now. Maintaining a consistent, single set of contact records is challenging 
for most people, whatever the technology solutions available! 


CALENDAR 


A calendar item is a record with fields for appointment or task information, such as 
subject, date, location, and participants. Calendar records have the same sort of sync 
issues as contacts; people create appointments in different calendars and then have 
trouble managing them all. Calendar items can be exchanged between different 
services using the iCalendar format. Another (fairly minor) issue is that the reminders 
tend to go off on all devices at the same time. 


EMAIL 


Most email systems store messages on the server and the client device is used only to 
manage them (IMAP, Exchange, and web mail, for instance). There can often be sync 
issues, however, particularly with deletions, sent items, and draft compositions. 


PICTURES, MUSIC, AND VIDEO 


The main sync issue with media files tends to be the amount of space they take up. 
There might not be enough space on one device to sync all the files the user has 
stored. There can also be issues with file formats; not all devices can play or show all 
formats. 


DOCUMENTS 


As with media files, documents can use many different formats (Microsoft Word, PDF, 
plain text, Open XML, and so on). Users editing a document on different devices may 
have trouble with version history, unless the changes are saved directly to the copy 
stored in the cloud. 


E-BOOKS 

There are many apps for purchasing or borrowing e-books and e-magazines or 
e-newspapers. Often the formats used by different merchants are not interoperable, so 
multiple e-readers may be required. An e-reader will usually track where you have read 
to in an e-book, so if you open it on a different device, you can pick up on the page you 
left off. There are also often facilities for making annotations. 


LOCATION DATA 

Modern services add geolocation data to pretty much everything. If you use a map or 
travel planner while signed into the service, your location history is likely to have been 
recorded, unless you have selected an opt-out. 


SOCIAL MEDIA DATA 


The apps used to manage our online social lives store pretty much all information in 
the cloud, using local storage for cache only, so the view of your online life from your 
phone is likely to be pretty much the same as from your PC. 


APPLICATIONS 


When you purchase an app from a store, it will be available across all devices you sign 
in on, as long as they are the same platform. If you have a Windows PC and an Apple 
iPhone, you will find yourself managing two sets of apps. Most of them will share data 
seamlessly, however (the social media ones, for instance). Apple has introduced a 
family sharing feature to allow apps to be shared between different Apple IDs within 
the same family. 


BOOKMARKS 

A bookmark is a record of a website or web page that you visited. Browsers keep an 
automatic history of bookmarks and you can also create a shortcut (or favorite) 
manually. 


PASSWORDS 


Both iOS and Android will prompt you to save passwords when you sign in to apps and 
websites. These passwords are cached securely within the device file system and 
protected by the authentication and encryption mechanisms required to access the 
device via the lock screen. 


These cached passwords can be synchronized across your devices using cloud 
services. You have to remember that anyone compromising your device/cloud account 
will be able to access any service that you have cached the password for. 


SYNCHRONIZATION METHODS 


Historically, data synchronization would most often take place between a single 
smartphone and desktop PC. You might use the PC to back up data stored on the 
smartphone, for instance, or to sync calendar and contact records. Nowadays, it is 
much more likely for all our devices to be connected via cloud services. If given 
permission, the device OS backs up data to the cloud service all the time. When you 
sign in to a new device, it syncs the data from the cloud seamlessly. 


iOS SYNCHRONIZATION METHODS 


iOS can synchronize with a Windows or Mac computer via the iTunes® program. As with 
any software, you need to ensure that the computer meets the requirements to install 
the sync software. The system requirements for these programs are not typically 
onerous, however. At the time of writing, the principal system requirements for iTunes 
are a 1 GHz PC with 512 MB RAM, 400 MB free disk space, and Windows 7 or later or 
any Mac running OS X® or macOS 10.8.5 or later. 


The software may install background services and require these to be running to 
facilitate connections. For example, iTunes requires the Apple Mobile Device Service to 
communicate with devices and the Bonjour service to enable some features, such as 
sharing media libraries. 


Using iTunes to sync data between an iPhone and a PC. 


Once iTunes is installed, the device can be connected to the computer via a USB cable 
(with an Apple Dock or Lightning connector at the iPhone end) or via a Wi-Fi link. 


The software allows the user to choose what to synchronize with the device. Users can 
also use iTunes as a means of purchasing apps to be sent to their mobile devices. 


Another feature of iTunes is the ability to back up, recover, and reinstall firmware on 
the phone. It is also used to activate the device at the first use. 


Apple also has the iCloud service, which allows synchronization of devices via a cloud 
storage facility so that all iOS devices owned by a user with the same ID can share data, 
photos, music, and contacts. 


ANDROID SYNCHRONIZATION METHODS 


Android-based phones are primarily set up to sync with Google's Gmail email and 
calendar/contact manager cloud services. 


Account settings for the Google master account on an Android smartphone. This account is used for 
the Play Store and to sync data with other cloud services, but not email, contacts, or calendar. 


You can usually view an Android phone or tablet from Windows over USB or Bluetooth 
and use drag-and-drop for file transfer (using the Media Transfer Protocol). Some 
Android vendors have utilities for synchronization similar to iTunes, such as Samsung 
Kies for Samsung phones. 


Connecting an Android smartphone to a Windows PC over USB. You can choose whether to allow some 
sort of data transfer as well as charge the battery. If you enable data transfer, the device's file system 
will be made available via File Explorer. 


The app doubleTwist provides a means of synching with an iTunes library, and there 
are various other third-party apps for synching with other programs or using protocols 
such as File Transfer Protocol (FTP). 


MICROSOFT AND THIRD-PARTY SYNCHRONIZATION METHODS 

Microsoft makes a whole range of cloud services available with a Microsoft account, 
including free storage space on OneDrive and email/calendar/contact management on 
Outlook.com. There is also the cloud-based Office suite Office365 with word 
processing, spreadsheet, and presentation software (amongst others). 


Apple, Google, and Microsoft obviously make it easy to use "their" cloud services on 
"their" devices, but all produce apps for the different platforms, so you can (for 
example) run OneDrive on an iPhone if you want. There are also third-party cloud sync 
and storage services, most notably Dropbox™. You should check the vendor's website 
for any software requirements for installing the desktop app. For example, Dropbox's 
desktop app runs on Windows 7 or later, macOS 10.9 or later, Ubuntu™ 14.04 or later, 
or Fedora 21 or later. There are additional requirements for a supported file system 
(NTFS, HFS/APFS, or ext4, respectively) and in Linux™, for the presence of various 
libraries and supporting packages. 


SYNCHRONIZING TO AUTOMOBILES 

Most new automobiles come with in-vehicle entertainment and navigation systems. 
The main part of this system is referred to as the head unit. If supported, a 
smartphone can be used to "drive" the head unit so the navigation features from your 
smartphone will appear on the display (simplified for safe use while driving) or you 
could play songs stored on your tablet via the vehicle's entertainment system. The 
technologies underpinning this are Apple CarPlay and Android Auto. Typically, the 
smartphone has to be connected via USB. Both CarPlay Wireless and Android Auto 
Wireless have been released, and at time of writing, are supported by a few in-vehicle 
systems. 


MUTUAL AUTHENTICATION FOR MULTIPLE SERVICES 


Most service providers want to obtain as much personal data as they can and are 
consequently hungry for us to register accounts with their apps and websites. Equally, 
though, many service providers recognize that users don't want to be continually 
creating multiple accounts on multiple apps or sites and that registration can be a 
barrier to a user choosing to continue to use the app. 


What the CompTIA exam objectives describe as Mutual authentication for multiple 
services (SSO [Single Sign On]) means that one service accepts the credentials from 
another service. This is more usually described as federated identity management. 
For example, you could sign into a popular newspaper app using your Facebook 
credentials. In this scenario, the newspaper does not process the sign in itself and your 
password is not passed to the newspaper app. Instead, the newspaper app relies on 
Facebook's web services to authenticate the account and provide authorization 
information, which the newspaper app then uses to identify you as a previous 
customer or user. 
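

The newspaper-app sign-in described above, as an added example that is not part of the course text: a hypothetical identity provider checks the password itself and hands the app only a signed assertion. The class names, the user, the issuer URL and the HMAC-signed token layout are assumptions for illustration; production services use OAuth 2.0 and OpenID Connect.

```python
"""Federated sign-in in miniature: the app (relying party) never sees the
password, only a signed assertion from the identity provider.
All names, users and secrets here are constructed for the example."""
import base64
import hashlib
import hmac
import json
import secrets
import time

PBKDF2_ROUNDS = 100_000


def b64(data):
    return base64.urlsafe_b64encode(data).decode()


class IdentityProvider:
    def __init__(self, issuer):
        self.issuer = issuer
        self.users = {}    # user id -> (salt, password hash)
        self.clients = {}  # client id -> secret shared with that app

    def register_user(self, user_id, password):
        salt = secrets.token_bytes(16)
        hashed = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        self.users[user_id] = (salt, hashed)

    def register_client(self, client_id):
        self.clients[client_id] = secrets.token_bytes(32)
        return self.clients[client_id]

    def sign_in(self, user_id, password, client_id, now=None):
        """Check the password at the provider and return a signed assertion."""
        if user_id not in self.users:
            raise PermissionError("bad credentials")
        salt, stored = self.users[user_id]
        supplied = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        if not hmac.compare_digest(supplied, stored):
            raise PermissionError("bad credentials")
        now = time.time() if now is None else now
        claims = {"iss": self.issuer, "sub": user_id, "aud": client_id, "exp": now + 300}
        body = json.dumps(claims, sort_keys=True).encode()
        tag = hmac.new(self.clients[client_id], body, hashlib.sha256).digest()
        return b64(body) + "." + b64(tag)


class RelyingParty:
    """The app that accepts the provider's word instead of running its own login."""

    def __init__(self, client_id, secret, trusted_issuer):
        self.client_id = client_id
        self.secret = secret
        self.trusted_issuer = trusted_issuer

    def accept(self, assertion, now=None):
        """Return the user id the provider vouches for, or raise ValueError."""
        try:
            body_part, tag_part = assertion.split(".")
            body = base64.urlsafe_b64decode(body_part)
            tag = base64.urlsafe_b64decode(tag_part)
        except ValueError:
            raise ValueError("malformed assertion") from None
        expected = hmac.new(self.secret, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("signature check failed")
        claims = json.loads(body)
        now = time.time() if now is None else now
        if claims["iss"] != self.trusted_issuer:
            raise ValueError("untrusted issuer")
        if claims["aud"] != self.client_id:
            raise ValueError("assertion was issued for a different app")
        if claims["exp"] < now:
            raise ValueError("assertion expired")
        return claims["sub"]


if __name__ == "__main__":
    provider = IdentityProvider("https://idp.example")
    provider.register_user("dana", "correct horse battery")
    app_secret = provider.register_client("newspaper-app")
    app = RelyingParty("newspaper-app", app_secret, "https://idp.example")
    token = provider.sign_in("dana", "correct horse battery", "newspaper-app")
    print("app identifies user as:", app.accept(token))
```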


A true single sign-on environment means that you authenticate once to access many 
services. This model is typical of enterprise networks and their email, database, and 
document management applications. Mobile device apps supporting a true single 
sign-on environment would usually take the device credentials. For example, when you 
associate your iPhone with an Apple ID (say, david.martin@apple.com) and unlock it, 
an SSO newspaper app on that iPhone would identify that you are signed in as 
david.martin@apple.com and load the appropriate profile for you automatically, 
without requiring you to sign in again. Not many third party apps actually integrate 
with SSO in this way, but the vendor cloud services work on this basis. For example, 
when you sign in to Google, you are signing in to email, maps, YouTube, search, and so 
on. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Support Mobile Apps. 


Activity 9-5 


Discussing Mobile App Support 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Why must a vendor account usually be configured on a smartphone? 


2. What is sideloading? 


3. Which types of data might require mapping between fields when syncing 
between applications? 


4. What software is used to synchronize data files between an iOS device and a 
PC and what connection methods can it use? 


5. How might an app register users without implementing its own 
authentication process? 


Topic E 


Secure Mobile Devices 


EXAM OBJECTIVES COVERED 
1002-2.8 Given a scenario, implement methods for securing mobile devices. 


Mobile devices can be used for multiple functions within the professional workplace. 
Knowing that, you must be able to provide basic level support to your users, including 
configuring security settings. 


POPULAR SECURITY CONTROLS FOR MOBILE DEVICES 


It is critical that the organization’s mobile device security practices be specified via 
policies, procedures, and training. Although you always want your practices specified 
via policies and procedures, it is particularly important with respect to mobile devices, 
because these devices tend to be forgotten or overlooked. They don't reside, or “live,” 
in the workplace in the same way as, for example, a desktop computer, and they won't 
necessarily be there when virus databases are being updated, patches are being 
installed, files are backed up, and so on. Procedural and technical controls to manage 
these mobile devices mitigate the risk that they may introduce vulnerabilities in the 
company's network security. 


There are two principal challenges when it comes to mobile device security: portability 
and capacity. 


* Portability—devices that are portable are easy to lose or to steal or to sneak into 
somewhere they should not be allowed. 

* Capacity—while great for consumers, the capacity and ease of portability of flash 
media, removable hard drives, smartphones, and tablets is a big problem for 
information security. A typical removable hard drive or Network Attached Storage 
(NAS) device or even a smartphone can copy down the contents of a workstation or 
even a server in a few minutes. Because they use USB or network ports, it is difficult 
to prevent the attachment of such devices. 


The problems, therefore, surround the fact that because of their portability and 
capacity, mobile devices can be both targets of attack and the means by which an 
attack can be accomplished. You have to protect the data on your mobile devices from 
being compromised, and you have to protect the data in any of your systems from 
being removed by mobile devices. 


Note: One of the most important steps you can take to maintain security of mobile 
devices is to not leave the devices unattended. 


MOBILE DEVICE ACCESS CONTROL 


The majority of smartphones and tablets are single-user devices. Access control can be 
implemented by configuring a password or PIN and screen lock. iOS does not support 
multiple user accounts at all. Later versions of Android support multiple user accounts 
on both tablets and smartphones. 


SCREEN LOCKS AND BIOMETRIC AUTHENTICATION 

If an attacker is able to gain access to a smartphone or tablet, they can obtain a huge 
amount of information and the tools with which to launch further attacks. Apart from 
confidential data files that might be stored on the device, it is highly likely that the user 
has cached passwords for services such as email or remote access VPN and websites. 
In addition to this, access to contacts and message history (SMS, text messaging, email, 
and IM) greatly assists social engineering attacks. 


Consequently, it is imperative that data stored on the device be encrypted and access 
to the device protected by a screen lock. 


Configuring a screen lock means that a password/passcode (or at the very least a PIN) 
is required to use the device. There are also "join-the-dots" pattern locks, which are 
also referred to as swipe locks. 


Configuring screen lock options in iOS (left) and Android (right). 


Note: Pattern passcodes have several drawbacks. The smudge pattern may remain 
visible on the surface, making it much easier to guess or copy. Swipe patterns are also 
quite easy to observe over someone's shoulder. 


All but the cheapest device models now include a fingerprint sensor to provide a 
biometric authentication method. Apple refers to this feature as Touch ID. The user 
sets up a template fingerprint scan, which is converted to a unique hash and stored 
within a secure cache on the device (enrollment). To authenticate, the user touches the 
reader and the device re-computes the hash; if it matches the stored value, then 
access is granted. 


Another biometric mechanism is the face lock, with the hash being computed from a 
picture of the user's face rather than a scan of their fingerprint. This has the advantage 
of being able to use a standard device (the camera) rather than a special sensor. Apple 
refers to their system as Face ID. 


Note: Biometric methods tend to suffer from high error rates, including false negatives 
(where the sensor does not identify the scan as valid) and false positives (where the 
sensor validates a scan it should not have). A passcode is also configured as a backup 
authentication method. 


LOCKOUT POLICY AND REMOTE WIPING 


The screen lock can also be configured with a lockout policy or (put another way) a 
policy to restrict failed login attempts. This means that if an incorrect passcode is 
entered, the device locks for a set period. This could be configured to escalate—so the 
first incorrect attempt locks the device for 30 seconds while the third locks it for 10 
minutes, for instance. This deters attempts to guess the passcode. 


Another option on some phones is the support for remote wipe or a kill switch. This 
means that if the handset is stolen, it can be set to the factory defaults, disabled, 
and/or cleared of any personal data. Some utilities may also be able to wipe any 
plug-in memory cards, too. The remote wipe could be triggered by a number of incorrect 
passcode attempts or by enterprise management software. 
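
The following added example (not part of the course text or any vendor's implementation) models an escalating lockout with a wipe threshold and measures what it leaves to someone guessing a 4-digit PIN. The 30-second and 10-minute delays are the ones quoted above; the 2-minute step, the wipe after 10 failures, and all names are assumptions.

```python
import hmac
from dataclasses import dataclass

# Failed-attempt count -> lock duration in seconds. 30 s and 600 s are the
# values from the text; the 120 s step is an assumption for illustration.
LOCK_SCHEDULE = {1: 30, 2: 120, 3: 600}
WIPE_AFTER = 10  # assumed policy: wipe on the 10th consecutive failure


@dataclass
class ScreenLock:
    # A real device keeps a protected verifier, not the passcode itself;
    # plain text is used here only to keep the policy logic visible.
    passcode: str
    failures: int = 0
    locked_until: float = 0.0
    wiped: bool = False

    def attempt(self, guess: str, now: float) -> str:
        if self.wiped:
            return "wiped"
        if now < self.locked_until:
            # Input during a lockout is not evaluated, even if it is correct.
            return "locked"
        if hmac.compare_digest(guess.encode(), self.passcode.encode()):
            self.failures = 0
            return "unlocked"
        self.failures += 1
        if self.failures >= WIPE_AFTER:
            self.wiped = True
            self.passcode = ""
            return "wiped"
        # Past the end of the schedule, keep applying the longest delay.
        delay = LOCK_SCHEDULE.get(self.failures, max(LOCK_SCHEDULE.values()))
        self.locked_until = now + delay
        return f"locked for {delay}s"


def simulate_guessing(lock: ScreenLock, guesses):
    """Submit guesses as fast as the policy allows.

    Returns (outcome, guesses evaluated, seconds elapsed)."""
    now = 0.0
    for n, guess in enumerate(guesses, start=1):
        now = max(now, lock.locked_until)  # wait out any lockout
        outcome = lock.attempt(guess, now)
        if outcome in ("unlocked", "wiped"):
            return outcome, n, now
    return "exhausted", len(guesses), now


if __name__ == "__main__":
    device = ScreenLock("4821")  # constructed passcode
    sequential = [f"{n:04d}" for n in range(10_000)]
    print(simulate_guessing(device, sequential))
```

With these settings only nine wrong guesses out of 10,000 possible PINs are tolerated, and the tenth triggers the wipe after 4,350 seconds of enforced waiting.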


Other features include backing up data from the phone to a server first and displaying 
a "Lost/stolen phone—return to XX" message on the handset. 


Most corporate messaging systems come with a Remote Wipe feature, allowing mail, calendar, and 
contacts information to be deleted from mobile devices. 


The OS vendors now often supply the same services, such as Apple's Activation Lock 
or Google's Device Protection. 

A thief can (in theory) prevent a remote wipe by ensuring the phone cannot connect to 
the network, then hacking the phone and disabling the security, but this requires some 
expertise. Even in those cases, services such as Activation Lock work in the device 
firmware, preventing restores or the disabling of location services. 


MOBILE DEVICE AND DATA RECOVERY 


If a mobile device is lost or stolen, there are mechanisms to use to try to effect its 
recovery and to prevent any misuse or loss of data stored on the device. 


GPS, GEOTRACKING, AND LOCATOR APPLICATIONS 


Most smartphones and many tablets are now fitted with Global Positioning System 
(GPS) receivers. GPS is a means of determining a receiver's position on the Earth based 
on information received from GPS satellites. The receiver must have line-of-sight to the 
GPS satellites. As GPS requires line-of-sight, it does not work indoors. Indoor 
Positioning Systems (IPS) work out a device's location by triangulating its proximity to 
other radio sources, such as Wi-Fi access points or Bluetooth beacons. 


Knowing the device's position (geotracking) also allows app vendors and websites to 
offer location-specific services (relating to search or local weather, for instance) and 
(inevitably) advertising. You can use Location Services settings to determine how 
visible your phone is to these services. 


As well as supporting maps and turn-by-turn instructions, Location Services can be 
used for security to locate a lost or stolen device. Such Find My Phone or locator 
applications are now a standard service for all the major mobile OSes. Once set up, 
the location of the phone (as long as it is powered on) can be tracked from any web 
browser. 


You can use the iCloud and Find My Phone apps to locate an iOS device and remotely lock or wipe it 
(or send the current holder a polite message to please return it ASAP). 


Note: If a mobile device has a locator app installed and the device is lost or stolen, some 
apps allow the user to remotely enable features in the app. One feature that can be quite 
useful is enabling the camera on the phone. It has been reported that sometimes the 
thief has been captured using the photos taken in this manner. 


FULL DEVICE ENCRYPTION 


All but the earliest versions of mobile device OSes for smartphones and tablets provide 
full device encryption. The purpose of device encryption is to prevent anyone in 
possession of the device being able to circumvent the mobile OS's access controls and 
read the raw data stored on the flash memory components. If that raw data is 
encrypted (and the attacker cannot retrieve the encryption key from the device), then 
the information remains inaccessible. 


In iOS, there are various levels of encryption. 


* All user data on the device is always encrypted but the key is stored on the device. 
This is primarily used as a means of wiping the device. The OS just needs to delete 
the key to make the data inaccessible rather than wiping each storage location. 

* Email data and any apps using the Data Protection option are also encrypted using 
a key derived from the user's passcode. This provides security for data in the event 
that the device is stolen. Not all user data is encrypted; contacts, SMS messages, 
and pictures are not, for example. 


In iOS, Data Protection encryption is enabled automatically when configuring a 
password lock on the device. 


In Android, encryption is enabled via Settings—Security. Android uses full-disk 
encryption with a passcode-derived key. When encryption is enabled, it can take some 
time to encrypt the device. 


Encryption options in Android OS. 


Note: The encryption key is derived from the PIN or password. In order to generate a 
strong key, you should use a strong password. Of course, this makes accessing the device 
each time the screen locks more difficult. 
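
Why a short PIN gives a weak key can be shown directly. This added example (not from the course text or any mobile OS) derives a 256-bit key with PBKDF2, a standard key derivation function chosen here as an assumption, and counts how many candidate passcodes must be tried before the same key is reproduced. The salt, passcodes, and iteration count are constructed, and the sketch does not model any hardware binding or attempt limiting a device may add.

```python
import hashlib
import hmac
import itertools
import math
import string


def derive_key(passcode: str, salt: bytes, iterations: int) -> bytes:
    """Derive a 256-bit encryption key from the passcode."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt,
                               iterations, dklen=32)


def effective_bits(alphabet_size: int, length: int) -> float:
    """Upper bound on key strength: a derived key is never harder to guess
    than the passcode it came from, whatever the key length."""
    return min(256.0, length * math.log2(alphabet_size))


def guesses_until_match(target_key, salt, iterations, alphabet, length, limit):
    """Count candidate passcodes tried, in order, until one derives target_key.

    Returns None if no match is found within `limit` candidates."""
    candidates = itertools.product(alphabet, repeat=length)
    for n, candidate in enumerate(candidates, start=1):
        if n > limit:
            return None
        key = derive_key("".join(candidate), salt, iterations)
        if hmac.compare_digest(key, target_key):
            return n
    return None


if __name__ == "__main__":
    salt = b"constructed-salt"   # constructed demo value
    iterations = 50              # kept low so the demo finishes quickly

    pin_key = derive_key("4821", salt, iterations)
    print("4-digit PIN:", effective_bits(10, 4), "bits, found after",
          guesses_until_match(pin_key, salt, iterations,
                              string.digits, 4, 10_000), "candidates")

    alphabet = string.ascii_lowercase + string.digits
    strong_key = derive_key("k7w2qx9b", salt, iterations)
    print("8-char password:", effective_bits(len(alphabet), 8), "bits, result",
          guesses_until_match(strong_key, salt, iterations,
                              alphabet, 8, 2_000), "within 2,000 candidates")
```

Both keys are 256 bits long, but the one derived from a 4-digit PIN has only about 13 bits of effective strength.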


Note: With the release of Android Nougat, full device encryption is being deprecated in 
favor of file-level encryption. 


REMOTE BACKUP APPLICATIONS 

Most mobile OS devices are configured with a user account linked to the vendor's 
cloud services (iCloud for iOS, Google Sync for stock Android, and OneDrive for 
Microsoft). The user can then choose to automatically back up data, apps, and settings 
to the cloud. A user may choose to use a different backup provider (OneDrive on an 
Android phone, for instance) or a third-party provider, such as Dropbox. 


As well as cloud services, a device can be backed up to a PC. For example, iOS supports 
making backups via the iTunes program. A third option is for Mobile Device 
Management (MDM) software to be configured to back up user devices automatically. 


MULTIFACTOR AUTHENTICATION AND AUTHENTICATOR 
APPLICATIONS 


Authentication methods are stronger when they are combined. There are four main 
types of "factor" describing different authentication methods: 


* Something you know—such as a password or pass code or swipe pattern. 
* Something you are—such as your fingerprint or face. 
* Something you have—such as a unique digital token or smart card. 
* Somewhere you are—use of a device or service might be tied to your geolocation. 


Multifactor authentication means using two different methods. Requiring a user to 
enter a password and then a PIN is not multifactor. 


Mobile device unlock methods are almost always single factor because no one wants 
to go through the bother of multifactor authentication every time the device is used. A 
user might configure two alternative methods of unlocking the device, such as 
configuring face lock and a pattern lock, but this is not multifactor authentication. 


Multifactor authentication is often used with online services. For example, when using 
a new device with a web service or app such as email or online storage, many vendors 
encourage the use of 2-step verification. 2-step verification means that as well as a 
password for the service, you register a phone or alternative email address. When you 
use a new computer or device to access the service, the authenticator application 
sends a code in the form of a One Time Password (OTP) to your phone. You must 
then supply the account user name and password and the OTP code to authenticate. 


This reduces the risk that someone who has discovered your password could access 
your account, because the computer they are using is not one recognized by the 
service. 


Note: The OTP is computed in such a way that it can only be used once (and often has to 
be used within a limited time frame). 


MOBILE DEVICE POLICIES 


Mobile Device Management (MDM) is a class of enterprise software designed to 
apply security policies to the use of smartphones and tablets in business networks. 
This software can be used to manage corporate-owned devices as well as Bring Your 
Own Device (BYOD). BYOD means allowing employees to use their private 
smartphones and tablet devices to access corporate data. 


A key feature of MDM is the ability to support multiple operating systems, such as iOS, 
Android, and the various iterations of Windows and Windows Mobile. A few MDM 
suites are OS-specific (such as Apple Configurator) but the major ones, such as 
AirWatch (www.air-watch.com), Symantec (www.symantec.com), and Citrix Endpoint 
Management (www.citrix.com), support multiple device vendors. 


PROFILING SECURITY REQUIREMENTS 

The MDM software logs use of a device on the network and determines whether to 
allow it to connect or not, based on administrator-set parameters. This process can be 
described as onboarding. 


When the device is enrolled with the management software, it can be configured with 
policies to allow or restrict use of apps, corporate data, and built-in functions such as a 
video camera or microphone. Policies can also be set to ensure the device patch status 
is up-to-date, that antivirus software is present and updated, and that a device firewall 
has been applied and configured correctly. 


Policy has disabled swipe, pattern, and PIN access, forcing use of a complex password. 


A company needs to create a profile of security requirements and policies to apply 
for different employees and different sites or areas within a site. For example, it might 
be more secure to disable the camera function of any smartphone while onsite but 
users might complain that they cannot use their phones for video calls. A sophisticated 
security system might be able to apply a more selective policy and disable the camera 
only when the device is within an area deemed high risk from a data confidentiality 
point-of-view. Some policies can be implemented with a technical solution; others 
require "soft" measures, such as training and disciplinary action. 


TRUSTED AND UNTRUSTED APP SOURCES 

A trusted app source is one that is managed by a service provider. The service 
provider authenticates and authorizes valid developers, issuing them with a certificate 
to use to sign their apps and warrant them as trusted. It may also analyze code 
submitted to ensure that it does not pose a security or privacy risk to its customers (or 
remove apps that are discovered to pose such a risk). It may apply other policies that 
developers must meet, such as not allowing apps with adult content or apps that 
duplicate the function of core OS apps. 


The mobile OS defaults to restricting app installations to the linked store (App Store for 
iOS and Play for Android). Most consumers are happy with this model but it does not 
work so well for enterprises. It might not be appropriate to deliver a custom corporate 
app via a public store, where anyone could download it. 


Apple operates an enterprise developer program to solve this problem. The enterprise 
developer can install a profile with their security credentials along with the app. This is 
normally handled by an MDM suite. The user then chooses to trust the app via 
Settings—General—Profiles. It is also possible to sideload enterprise apps via iTunes 
and a desktop PC. 


The Play store has a private channel option and Google runs an Android for Work 
program for enterprise developers. 


Android allows for selection of different stores and installation of untrusted apps from 
any third party, if the user chooses the third party or unknown sources option. This 
allows a greater degree of customization but also makes the device vulnerable to 
attacks. With unknown sources enabled, untrusted apps can be downloaded from a 
website and installed using the .apk file format. 


MOBILE DEVICE SECURITY SOFTWARE 


Mobile devices can use the same classes of security software as PCs and laptops to 
harden against malware, software exploits, or network exploits. 


ANTIVIRUS/ANTI-MALWARE AND FIREWALLS 

Modern smartphones are computers in their own right and as such are vulnerable to 
software exploits as well as being targets of malware and viruses, especially if an 
untrusted app source has been configured. Antivirus apps have become popular in 
the Android app market especially after some publicized cases of viral infection on 
Android devices. Some mobile antivirus software scans only installed apps and ignores 
plug-in flash memory cards. There is also a problem with the limited user base and the 
emerging natures of mobile OS threats and vulnerabilities. This makes it difficult to 
create pattern databases of known threats and use heuristics (machine learning) to 
identify new threats. 


Another class of security software is the app scanner. These are designed to monitor 
the permissions allocated to apps and how they are using (or abusing) them. There are 
also firewall apps for mobile devices. These can be used to monitor app activity and 
prevent connections to particular ports or IP addresses. One issue for firewalls is that 
they must be able to control other apps and therefore logically work at a higher 
permission level (root). Installing an app with root access is challenging, however. 
"No-root" firewalls work by creating a Virtual Private Network (VPN) and then controlling 
app access to the VPN. 


Apple has traditionally been relaxed about the need for third-party security solutions, 
such as antivirus or firewalls. Consequently, there are few iOS security apps. 


PATCHING/OS UPDATES 

Keeping a mobile OS and its apps up-to-date with patches (and ideally new OS 
versions) is as critical as it is for a desktop computer. The install base of iOS is generally 
better at applying updates because of the consistent hardware and software platform. 
Updates for iOS are notified by an alert on wake and delivered via 
Settings—General—Software Update. App updates are indicated via red notifications 
on the app icon and delivered via the Updates page in the app store. 


Android patches are more reliant on the device vendor as they have to deliver the 
patch for their own "flavor" of Android. Support for new OS versions can also be 
mixed. Android uses the notification shade to deliver updates. You can also go to 
Settings—About—System updates. 


Activity 9-6 


Discussing Mobile Device Security 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. How can the use of mobile devices by employees affect the security of an 
organization as a whole? 


2. What two types of biometric authentication mechanism are supported on 
smartphones? 


3. What might a locator application be used for? 


4. What technology mitigates against an online account being accessed from 
an unknown device? 


5. What is MDM? 


6. True or false? Updates are not necessary for iOS devices because the OS is 
closed source. 


Topic F 


Troubleshoot Mobile Device Issues 


EXAM OBJECTIVES COVERED 
1002-3.4 Given a scenario, troubleshoot mobile OS and application issues. 


1002-3.5 Given a scenario, troubleshoot mobile OS and application security issues. 


You can use similar troubleshooting techniques as for PCs and laptops to resolve 
issues on mobile device operating systems and applications. One difference is that 
apps, operating system, and hardware are tightly integrated in mobile devices such as 
smartphones and tablets. You may need to troubleshoot all three components in order 
to determine which one is actually causing the issue. 


MOBILE OS TROUBLESHOOTING TOOLS 


When you are troubleshooting a mobile OS, you need to know how to find 
configuration options and perform different types of device resets. 


ADJUSTING SETTINGS 


In iOS, configuration settings are stored under the Settings app. There are settings for 
both the core OS and for individual apps. In Android, the Settings app can be added to 
the home screen or accessed via the Cog icon in the notification shade. 


CLOSING RUNNING APPS 


A mobile OS performs sophisticated memory management to be able to run multiple 
applications while allowing each app to have sufficient resources and preventing an 
app from consuming excessive amounts of power and draining the battery. The 
memory management routines shift apps between foreground (in active use), 
background (potentially accessing the network and other resources), and suspended 
(not using any resources). 


Both iOS and Android show a "multitasking" list of apps that the user has opened. This 
multitasking list doesn't actually mean that the app is loaded into memory, however. In 
Android, you can remove an app from the list by pressing the multitasking button (a 
square or rectangle) then swiping the app left or right off the screen. Doing this won't 
have any impact on performance. 


If an app is actually unresponsive, it can be closed via the force stop option. 


* In Android, open Settings—Apps. Tap an app, then select the Force Stop option to 
close it or the Disable option to make it unavailable. 


* In iOS, clearing an app from the multitasking list also force stops it. Double tap the 
Home button then swipe the app up off the screen. 


In Android, tap the multitasking button (bottom-right) to view open apps, then swipe left or right to 
remove them; use the Force Stop option in app settings to fully close an app. 


UNINSTALL/REINSTALL APPS 


Another stock response to an app issue is to uninstall then reinstall it. 


* To uninstall an iOS app, tap-and-hold it until it wiggles, then press the X icon and 
confirm by pressing Delete. You cannot uninstall default apps. To return the screen 
to normal, press the Home button. You can also delete apps from Settings or from 
iTunes. 

* In Android, use Settings—Apps to uninstall (completely remove) or disable (prevent 
from running) apps. You can also long-press an icon on the home screen then drag 
it to the Uninstall icon (dragging it to Remove just hides the app icon). 


Apps can be reinstalled via the store (without having to pay for them again!). 


REBOOTING A MOBILE DEVICE 


Just as turning it off and on again is the tried and trusted method of "fixing" a 
computer, a reboot can resolve many software-related issues on a mobile device. 
Users generally leave their mobile devices in a sleep state. Powering the device off 
closes all applications and clears any data from RAM. Data and settings stored in the 
device are not affected. This kind of soft reset is usually effective in restoring 
unresponsive or frozen systems and is one of the first things to try when faced with a 
malfunctioning app or slow performance. It is also used after the installation of some 
apps. 

* On iOS, holding the Sleep/Wake button down for a few seconds brings up a menu 
prompting the user to swipe so the device can be shut down. When you are 
troubleshooting, leave the device powered off for a minute, and then restart by 
holding the Sleep button again. If the touchscreen is unresponsive, you can 
perform a forced restart by pressing the Sleep/Wake and Home buttons for 10 
seconds. The screen will go black then the device will restart. When performing a 
forced restart, unsaved data in current use may be lost. 

* On Android, to power off, hold the Power button for a few seconds to bring up the 
Power Off prompt. If the touchscreen is unresponsive, a forced restart can often be 
performed by holding the Power button for 10 seconds, though some Android 
devices use a different key combination for this. You can also boot an Android 
device to Safe Mode by tap-and-holding the Power Off message. Safe Mode 
disables third-party apps, but leaves core services running. 


FACTORY DEFAULT RESET 


A factory default reset removes all user data, apps, and settings. The device will 
either have to be manually reconfigured with a new user account and apps reloaded, 
or restored from a backup configuration. When you are performing a factory reset, 
ensure that the device has a full battery charge or is connected to an external power 
source. 


* To factory reset an iOS device, connect it to a PC or Mac running iTunes. You can 
use the Update button on the device's summary page to try to reinstall iOS without 
removing user data. If this does not work, use the Restore button to perform a 
factory reset. If the Update or Restore buttons are not available, use the force soft 
restart method described earlier while the device is connected to iTunes. 

* For Android, you should check for specific instructions for each particular device. On 
stock Android, you can initiate a reset from the Backup and Reset section of 
Settings. If the device will not boot normally, you can enter recovery mode using 
some combination of the power and volume buttons. 


Note: Some vendors may use the term "hard reset" to mean a factory reset. 


Note: You might be required to sign in immediately after performing a factory restore to 
protect against theft of the device or your account information. Make sure you have the 
account credentials available and do not attempt a factory reset within 72 hours of 
changing your account password. 


GUIDELINES FOR USING MOBILE TROUBLESHOOTING 
TOOLS 


Note: All of the Guidelines for this lesson are available as checklists from the Checklist 
tile on the CHOICE Course screen. 


Here are some guidelines to help you use mobile troubleshooting tools. 


USE MOBILE TROUBLESHOOTING TOOLS 


Consider these guidelines for using mobile troubleshooting tools: 


* Adjust settings for the core OS and for apps. 

* Close running apps that are consuming too much power and draining the battery or 
those that are unresponsive. 

* Uninstall apps that are no longer needed or reinstall apps after replacing a device 
or after previously uninstalling an app. 

* Try a soft reset for devices that are frozen or unresponsive. If that doesn't work, use 
a forced restart. 

* Perform a factory default reset when reissuing the mobile device to another user or 
preparing it for disposal. 


MOBILE OS ISSUE TROUBLESHOOTING 


Like any other computer, mobile devices can have their own issues that need 
diagnosing and fixing. 


DIM DISPLAY 

One of the common issues is a dim display. This usually happens when the user has 
set the backlight to its lowest setting (and disabled automatic light adjustment) or the 
phone is set to conserve power by auto dimming the light. To adjust, open Display 
settings and select the automatic brightness option or adjust the slider. 


Screen Brightness adjustment. 


It is also worth checking for third-party power management apps or the use of a 
battery-saver mode or profile that automatically dims the backlight to conserve power. 


TOUCHSCREEN UNRESPONSIVE OR INACCURATE 


If the touchscreen is unresponsive or does not register touches at the correct 
coordinates, first check for obvious hardware issues (dirt, grease, or cracks). If a screen 
protector is fitted, check that it is securely adhered to the surface and that there are no 
bubbles or lifts. 


If you can rule out simple hardware causes, unresponsive touch input can be an 
indication of resources being inadequate (too many open apps) or badly written apps 
that hog memory or other resources. A soft reset will usually fix the problem in the 
short term. If the problem is persistent, either try to identify whether the problem is 
linked to running a particular app or try freeing space by removing data or apps. 
Windows devices and some versions of Android support re-calibration utilities, but if 
you cannot identify another cause, then you are likely to have to look at warranty 
repair. 


EXTERNAL MONITOR ISSUES 


Screen sharing can be enabled via an adapter cable. If there is a problem, you should 
try to rule out a bad cable first. 


Mobiles can also connect to wireless displays or reception dongles. The principal issue 
here is that the various wireless standards (Miracast/Wi-Fi Direct, Intel WiDi, Apple 
AirPlay, Google Chromecast, and Amazon Fire TV) are not interoperable so you need to 
ensure both the broadcast and reception devices are using the same technology. You 
also need to rule out the usual potential sources of wireless interference. 


Note: Miracast is based on Wi-Fi Direct, which is less proprietary than the other 
standards but there are lots of interoperability problems between "Miracast-compatible" 
devices. The TV vendors all have different names for it (smartShare, Screen Mirroring, 
Display Mirroring, and so on). 


SOUND ISSUES 


If no sound is playing from the device speakers, first check that the volume controls 
are not turned all the way down and that the mute switch is not activated. Next verify 
that the device is not in a silent/no interruptions mode. If the problem is restricted to a 
particular app, check whether it has its own volume controls. If you cannot identify a 
software issue, check that the device is not configured to use external speakers. These 
could be connected via a cable or by Bluetooth. 


OVERHEATING 


Devices have protective circuitry that will initiate a shut down if the internal 
temperature is at the maximum safe limit. 


Handheld devices use passive cooling and so can become quite warm when used 
intensively. Also make sure that the device is not left sitting in direct sunlight. If a 
handheld device becomes unusually hot, suspect a problem with the battery. There 
may be a utility that you can use to access battery status information. You can also use 
an app to monitor the battery temperature and then compare that to the operating 
limits. Generally speaking, approaching 40°C is getting too warm. 


CPU-Z app showing the device's battery status. 


If a device overheats repeatedly, check for apps with consistently high CPU utilization. 
If the device is a few years old, consider the possibility that the battery is failing. 
Monitor the device during charging cycles; if it overheats, then discontinue use and 
have it inspected at a repair center. 


Note: If you have any reason to suspect that a device is prone to overheating, do not 
leave it to charge unattended. 
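
The temperature check described in this section can also be run from a workstation. The following is an added example, not part of the course material: it assumes an Android device with USB debugging enabled and the SDK platform tools, reads the text printed by `adb shell dumpsys battery`, and applies the 40°C guideline. The sample output is constructed and the 3°C warning margin is an assumption.

```python
import re

WARN_C = 40.0  # guideline from the text: approaching 40 °C is getting too warm
# Android BatteryManager codes as printed by `dumpsys battery`
HEALTH = {1: "unknown", 2: "good", 3: "overheat", 4: "dead",
          5: "over voltage", 6: "unspecified failure", 7: "cold"}
STATUS = {1: "unknown", 2: "charging", 3: "discharging", 4: "not charging", 5: "full"}

# Constructed sample of `adb shell dumpsys battery` output (not captured from a real device).
SAMPLE = """\
Current Battery Service state:
  AC powered: false
  USB powered: true
  status: 2
  health: 2
  present: true
  level: 64
  scale: 100
  voltage: 4012
  temperature: 412
  technology: Li-ion
"""


def parse_battery(text):
    """Turn the 'key: value' lines of dumpsys output into a dict keyed by lower-case name."""
    fields = {}
    for line in text.splitlines():
        match = re.match(r"\s*([A-Za-z ]+):\s*(\S+)\s*$", line)
        if match:
            fields[match.group(1).strip().lower()] = match.group(2)
    return fields


def assess(text, warn_c=WARN_C, margin_c=3.0):
    """Compare the reported battery state with the operating guideline."""
    fields = parse_battery(text)
    missing = {"temperature", "health", "status", "level", "scale"} - fields.keys()
    if missing:
        raise ValueError(f"dumpsys output lacks: {sorted(missing)}")
    temp_c = int(fields["temperature"]) / 10.0  # reported in tenths of a degree Celsius
    health = HEALTH.get(int(fields["health"]), "unrecognized")
    status = STATUS.get(int(fields["status"]), "unrecognized")
    if temp_c >= warn_c or health == "overheat":
        verdict = "too warm"
    elif temp_c >= warn_c - margin_c:
        verdict = "approaching limit"
    else:
        verdict = "ok"
    return {
        "temp_c": temp_c,
        "level_pct": round(100 * int(fields["level"]) / int(fields["scale"])),
        "health": health,
        "status": status,
        "verdict": verdict,
        # Overheating during a charge cycle is the case the text says to stop and get inspected.
        "stop_charging": verdict == "too warm" and status == "charging",
    }


if __name__ == "__main__":
    print(assess(SAMPLE))
```
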


GUIDELINES FOR TROUBLESHOOTING MOBILE OS ISSUES 


Here are some guidelines to help you troubleshoot mobile OS issues. 


TROUBLESHOOT MOBILE OS ISSUES 


Consider these guidelines as you troubleshoot the following mobile OS issues: 


* Dim display. Open the Display settings and adjust the automatic brightness option 
or adjust the brightness slider. Check for apps that dim the backlight to conserve 
power. 

* Unresponsive or inaccurate touchscreen. Check for issues with the screen and that 
any screen protectors are not damaged or incorrectly applied. Check that there are 
adequate resources available. Use a re-calibration utility if no other cause for the 
issue is found. 

* Issues with external monitor. Verify that the cable is good. Verify that a casting 
dongle (Google Chromecast, Miracast, AirPlay, Amazon Fire, etc.) is configured 
correctly between the display and the mobile device. 

* Sound issues. Verify volume controls are set correctly. Verify silent mode is not 
enabled. Check volume controls within the app. Verify it is not configured to use 
external speakers through a cable or Bluetooth. 

* Overheating. Determine if the device is being used intensively. Use a battery 
monitor to view battery status information. Keep device away from direct sunlight 
or other heat sources. 


MOBILE APP ISSUE TROUBLESHOOTING 


As noted previously, with a mobile device it can be difficult to identify when a problem 
might be caused by the hardware, the OS, or a particular app. 


APPS NOT LOADING 

Sometimes the user cannot open a series of apps. This is common when apps have 
been moved or installed to a flash memory card. If the card is removed, malfunctions, 
or has been wiped, it will cause the user to lose access to that app. Apps can usually be 
reinstalled from the preferred app store without having to repurchase again. 


Missing apps on an Android phone. 


Other issues could be some sort of file corruption. Try uninstalling and reinstalling the 
app; if the problems persist, consider a factory reset. 


Note: Also consider that Mobile Device Management (MDM) software might prevent an 
app or function from running in a certain context. Security policies might prevent use of 
the camera within the corporate office, for instance, and any app that requires the 
camera might then fail to start. 


APP LOG ERRORS 

As consumer-level devices, iOS and Android do not support simple log viewing tools. 
An app could choose to display its own logs to the user if required, but an app requires 
root-level permissions to view system logs or the logs of other apps. 


Android supports a developer mode, enabled via Settings (access System—About 
phone and tap Build number seven times), which can show additional diagnostic 
information when using apps or making network connections. You can also output 
debugging information over USB. You can use this in conjunction with the SDK to 
retrieve system logs. Also, on most Android handsets, you can dial *#*#4636#*#* to 
open the status page. 


You can view an iOS device's logs from a macOS computer with the Xcode developer 
tools installed. 


SLOW PERFORMANCE 


As phones get older, their performance naturally degrades as apps are updated to 
provide more functionality and features. In order to enable these extra features, they 
require more memory, space, and CPU power. This results in greater battery utilization 
and a decrease in performance. As space is reduced and the phone is used more 
intensively, this can lead to an increase in the amount of errors and corruptions. 


If soft resets are not working, consider performing a factory reset. When restoring 
apps and data from backup, try to be selective in choosing what is restored. There are 
also various apps dedicated to performance optimization and maintenance. 


You should also consider any recently installed apps. Having many apps that run some 
sort of monitoring or connectivity check in the background or apps that display real-time 
content in a home screen widget will impact performance. You should also check 
that there is sufficient space left on the flash memory storage. 


Note: Vendors try to support device models for as long as possible, but it is frequently 
the case that major (or sometimes minor) version updates can quite severely impact 
performance if applied to older devices. Unfortunately, vendors tend not to provide a 
rollback option for version updates. You can only report the issue and hope the vendor 
supplies a fix. 


BATTERY LIFE 

Smartphone batteries degrade over time with each charge and recharge cycle so some 
decrease in performance is to be expected. Some mobile devices have replaceable 
batteries but for most models this will be a warranty service operation. 


CPU and GPU intensive apps such as games and video playback will drain the battery 
quickly. A battery charge might be degraded by a faulty or malicious app utilizing high 
powered peripherals such as GPS, network connections, or even the microphone and 
camera. You can get information about battery usage via Settings—More—Battery in 
Android or Settings—Battery in iOS. 


Battery Analyzers for iOS and Android with option to conserve battery. 


It might be appropriate to uninstall the app. Alternatively you might be able to restrict 
the app from running in the background. In iOS, configure this via 
Settings—General—Background App Refresh. In Android, a battery saver mode can 
be applied automatically when the charge level drops to a certain percentage or you 
can apply it manually. To configure it, select Settings—Battery. Tap the top-right 
ellipsis button for the settings menu and select Battery saver. 


Keeping your device up-to-date with the latest patches and OS version also ensures 
optimum operation and battery life conservation. 


GUIDELINES FOR TROUBLESHOOTING MOBILE APP ISSUES 


Here are some guidelines to help you troubleshoot mobile app issues. 


TROUBLESHOOT MOBILE APP ISSUES 

Consider these guidelines as you troubleshoot the following mobile app issues: 

* If an app is not loading, verify that it wasn't installed on a memory card that is not in 
the mobile device. Verify that the app is not corrupted; uninstall and reinstall the 
app. 

* Examine app log files to determine if the issue can be tracked down in the log file. 

* Put the device in developer mode to access log files: 

* Android devices: System—About phone and tap Build number seven times or 
dial *#*#4636#*#*. 

* iOS devices: Connect the device to a macOS computer with the Xcode developer 
tools installed. 

* Slow performance can be caused by newer apps requiring more resources than are 
available, reduced battery life, and lack of free storage space. Check that recently 
installed apps are functioning correctly and are not running in the background. 

* Battery life degrades over time. Keep the OS up-to-date to ensure optimum 
operations and battery life conservation. 


MOBILE WIRELESS ISSUE TROUBLESHOOTING 


Networking is another area where problems occur frequently. On a mobile device, that 
means troubleshooting wireless connections of different types (Wi-Fi, Bluetooth, or 
cellular radio). To approach these problems, try to establish whether there is a 
configuration error or some sort of hardware/interference problem. 


TROUBLESHOOTING INTERFERENCE ISSUES 


Radio signals can be affected by the distance between the broadcast and reception 
antennas and by interference from other devices or by barriers such as thick walls or 
metal. On a mobile, you should also consider that a low battery charge will weaken the 
signal strength. 


You can troubleshoot issues with Wi-Fi signal strength using a Wi-Fi Analyzer app 
installed on the device. Most apps can record the settings in a particular location so 
that you have a baseline reading to compare to. If the signal varies from the baseline, 
check what interference sources might have been introduced. 


Cell Tower Analyzer (left) and Wi-Fi Analyzer (right). 


A similar utility (Cell Tower Analyzer or GSM Signal Monitor) can be used to analyze 
cellular radio signals, which use different frequencies to Wi-Fi. An app might combine 
both functions. 


TROUBLESHOOTING WIRELESS CONFIGURATION ISSUES 

If there is no Wi-Fi, cellular, or Bluetooth connectivity, first check that the device is not 
in airplane mode or that the particular radio has not been disabled. Next use Settings 
to verify that the network parameters or Bluetooth pairing information is correct. Try 
removing the network or Bluetooth pair and reconnecting. 

With Wi-Fi, verify that the access point supports the same 802.11 standard as the 
device. For example, an access point configured to use 802.11ac only will not be 
accessible to a smartphone with an 802.11n adapter. The access point must be put into 
compatibility mode. 

If you can rule out any other configuration errors, consider obtaining an OS or 
firmware update for the device or for the access point. Research any known issues 
between the access point and the model of device. 


GUIDELINES FOR TROUBLESHOOTING MOBILE WIRELESS ISSUES 


Here are some guidelines to help you troubleshoot mobile wireless issues. 


TROUBLESHOOT MOBILE WIRELESS ISSUES 


Consider these guidelines as you troubleshoot the following mobile wireless issues: 


* Interference issues: Use a Wi-Fi Analyzer app to check for interference and signal 
strength. 
* Configuration issues: 


* Verify that the device is not in airplane mode. 

* Verify that a particular radio service has not been disabled. 

* Use Settings to verify that configuration parameters are correctly configured. 

* Verify that the Wi-Fi access point supports the same standard as the mobile 
device. 


Note: If none of these are the issue, determine if an OS or firmware update is 
needed. 


MOBILE DEVICE SECURITY TROUBLESHOOTING 


As mentioned previously, antivirus software for mobile OS is available but not always 
that reliable, as new threats and exploits are emerging all the time. You should be alert 
to general symptoms of malware. 


UTILIZATION SYMPTOMS 

Malware or rogue apps are likely to try to collect data in the background. They can 
become unresponsive and might not shut down when closed. Such apps might cause 
excessive power drain and high resource utilization. Another telltale sign of a 
hacked device is reaching the data transmission overlimit unexpectedly. Most 
devices have an option to monitor data usage and have limit triggers to notify the user 
if the limit has been reached. This protects from large data bills but should also prompt 
the user to check the amount of data used by each application in order to monitor 
their legitimacy. 

Unauthorized location tracking can give away too much sensitive information to 
third parties. Many apps collect location data; not many explain clearly what they do 
with it. Most app developers will just want information they can use for targeted 
advertising, but a rogue app could use location data to facilitate other crimes, such as 
domestic burglary. 


Location services in iOS (left) and Android. Note the option to configure location mode/accuracy. 


Note: Criminals don't necessarily need to hack a device to get location information. If 
someone posts pictures online, most will be tagged with location information. A criminal 
can quite easily get information about where someone lives and then identify when they 
are on vacation from social media. Users should be trained to strip geotagging 
information (or all metadata) from images before posting them online. 
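
One way to carry out the metadata stripping recommended in the note above, as an added example that is not part of the course material. It walks the segments of a JPEG file, reports whether the Exif block points at a GPS directory, and rewrites the file without the Exif/XMP, IPTC, and comment segments. The function names and the constructed sample file are assumptions made for illustration.

```python
import struct

SOS, EOI = 0xDA, 0xD9
STANDALONE = {0x01, *range(0xD0, 0xD8)}  # TEM and RST0-RST7 have no length field
# APP1 = Exif (including the GPS IFD) or XMP, APP13 = Photoshop/IPTC, COM = comment
METADATA = {0xE1: "APP1", 0xED: "APP13", 0xFE: "COM"}
GPS_IFD_POINTER = 0x8825  # Exif tag in IFD0 that points at the GPS sub-directory


def iter_segments(data):
    """Yield (marker, raw_bytes, payload) for each JPEG segment, in file order."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        while pos < len(data) and data[pos] == 0xFF:  # marker prefix plus fill bytes
            pos += 1
        if pos >= len(data):
            raise ValueError("truncated JPEG")
        marker = data[pos]
        pos += 1
        if marker == SOS:
            # Compressed image data follows the SOS header; pass the rest through untouched.
            yield marker, b"\xff\xda" + data[pos:], b""
            return
        if marker == EOI or marker in STANDALONE:
            yield marker, bytes([0xFF, marker]), b""
            if marker == EOI:
                return
            continue
        if pos + 2 > len(data):
            raise ValueError("truncated segment header")
        (length,) = struct.unpack(">H", data[pos:pos + 2])
        if length < 2 or pos + length > len(data):
            raise ValueError(f"bad segment length at offset {pos}")
        yield marker, bytes([0xFF, marker]) + data[pos:pos + length], data[pos + 2:pos + length]
        pos += length


def exif_has_gps(payload):
    """True if an APP1 Exif payload's first directory (IFD0) points at a GPS directory."""
    tiff = payload[6:]
    if not payload.startswith(b"Exif\x00\x00") or len(tiff) < 8:
        return False
    order = {b"II": "<", b"MM": ">"}.get(tiff[:2])  # TIFF byte-order mark
    if order is None:
        return False
    magic, ifd0 = struct.unpack(order + "HI", tiff[2:8])
    if magic != 42 or ifd0 + 2 > len(tiff):
        return False
    (count,) = struct.unpack(order + "H", tiff[ifd0:ifd0 + 2])
    for i in range(count):
        entry = tiff[ifd0 + 2 + 12 * i: ifd0 + 14 + 12 * i]  # 12-byte directory entry
        if len(entry) == 12 and struct.unpack(order + "H", entry[:2])[0] == GPS_IFD_POINTER:
            return True
    return False


def has_geotag(data):
    """True if any Exif segment in the file carries a GPS directory."""
    return any(m == 0xE1 and exif_has_gps(p) for m, _, p in iter_segments(data))


def strip_metadata(data):
    """Return (clean_jpeg, removed): the file without metadata segments, and what was dropped."""
    out, removed = bytearray(b"\xff\xd8"), []
    for marker, raw, payload in iter_segments(data):
        if marker in METADATA:
            removed.append(METADATA[marker] + (" (Exif with GPS)" if exif_has_gps(payload) else ""))
        else:
            out += raw
    return bytes(out), removed


def make_segment(marker, payload):
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload


def build_sample():
    """Constructed sample: real segment layout, placeholder image data, GPS directory with one tag."""
    ifd0 = struct.pack(">HHHIII", 1, GPS_IFD_POINTER, 4, 1, 26, 0)  # one entry -> GPS IFD at 26
    gps = struct.pack(">HHHI", 1, 0x0001, 2, 2) + b"N\x00\x00\x00" + struct.pack(">I", 0)
    exif = b"Exif\x00\x00" + b"MM\x00\x2a" + struct.pack(">I", 8) + ifd0 + gps
    return (b"\xff\xd8"
            + make_segment(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
            + make_segment(0xE1, exif)
            + make_segment(0xFE, b"constructed comment")
            + make_segment(0xDB, bytes(65))
            + make_segment(SOS, bytes(10)) + b"\x12\x34\xff\x00\x56"
            + b"\xff\xd9")


if __name__ == "__main__":
    sample = build_sample()
    clean, removed = strip_metadata(sample)
    print("geotag before:", has_geotag(sample), "| after:", has_geotag(clean))
    print("removed:", removed, "| bytes saved:", len(sample) - len(clean))
```

Dropping the Exif segment also drops the orientation tag and the embedded thumbnail, so check how the cleaned image displays before posting it.
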


Location Services can be turned off completely but this will stop many apps from 
working. You can disable location services on an app-by-app basis, too. 


Mobile OSes, like other operating systems, potentially have vulnerabilities that can be 
exploited to allow an attacker unauthorized root access. Root is an account with 
system-level access to every process running in the OS. If an attacker has this type of 
access, they can even remotely activate the camera and microphone. With corporate 
and government installations, this could cause a security breach of sensitive data. The 
recommendation is to disable and cover cameras and microphones when in sensitive 
areas. Some companies and government buildings prevent usage of mobile devices in 
such areas to avoid unauthorized camera and microphone usage. 


Good patch and upgrade management is required to keep the OS current and up to 
date. 


USER BEHAVIOR ISSUES 


System security is not just compromised by malware and hackers. Careless use and 
failure to follow security best practices cause users to put themselves and the data 
stored on their devices at risk. 


When a user needs to connect to the Internet, it can be tempting to use any available 
open hotspot, especially if the hotspot has the name of a major brand. An open 
hotspot set up with malicious intent can harvest a huge amount of information. Any 
data passing over the access point can be intercepted, unless it is protected by 
encryption (an HTTPS website, an SSL-enabled mail server, or a Virtual Private Network, 
for instance). There have also been instances where attackers have been able to 
exploit faults in the certificate-handling processes of the OS and gained the ability to 
intercept encrypted traffic too. 


There are apps and OS settings that autoconnect to service providers' hotspots. These 
should be secure, if you trust the service provider to operate a secure network. If the 
user notices unintentional behavior, however, such as connecting to a Wi-Fi network 
without prompting or the Wi-Fi radio turning itself on, suspect a rogue app. 


Note: In the context of troubleshooting security issues, if the signal from wireless 
equipment drops unexpectedly or users experience slow data speeds, you might also 
suspect some sort of jamming or Denial of Service (DoS) attack. An attacker might try 
to block the signal from a legitimate access point to try to trick users into connecting to a 
rogue access point or evil twin. 


Unintended Bluetooth pairing is when anonymous devices are allowed to pair with 
Bluetooth-enabled devices. Once paired, a rogue device could access most of the data 
and functions on the target device. Bluebugging, for instance, exploited a firmware 
flaw to allow an attacker to monitor and place telephone calls. Most devices only turn 
Bluetooth discoverable mode on for a limited amount of time to minimize the risk of 
rogue pairing events. Bluetooth should be disabled completely when not in use. Also 
consider the possibility that a rogue app could be changing Bluetooth settings. 


SYSTEM LOCKOUT AND UNAUTHORIZED ACCOUNT ACCESS 


A user can be locked out if the device has been disabled either by means of the user 
forgetting the passcode or remotely by Find My Phone type software if the device is 
reported stolen. There are a number of ways to re-enable the device. Usually the user 
has to wait a certain amount of time to try again or use the recovery tool in iTunes (iOS 
devices) to restore the device. 


Note: Lost and stolen devices can expose sensitive corporate data. Data containers 
mitigate this issue by isolating business data from personal data. A data container 
creates a virtual environment when the app is launched. Using this virtual environment, 
the user accesses corporate emails and other corporate data. The app creates an 
encrypted data store, and the user is not permitted to copy data from outside the 
container or to move data from within the container. This keeps the business data 
isolated and secure. 


If an online account becomes locked and the user has not been making the logon 
attempts, suspect attempted unauthorized account access. Various data breaches 
have provided hackers with mountains of authentication credentials and personal 
information to use to try to access email accounts. Once an email account is 
compromised, the hacker can typically access any other online account that is not 
protected by secondary authentication, such as 2-step verification. 


Whenever a website or service suffers a data breach and leaks personal files/data, it 
should notify users immediately. Users need to be alert to the possibility of the theft of 
their personal information and deploy good security practices, such as not using the 
same password for two different websites and changing passwords regularly. 


TROUBLESHOOTING EMAIL PROBLEMS 


When you are troubleshooting an email problem, verify that the user's credentials and 
the email server parameters are set correctly (server type, location (IP or URL), port 
number, and SSL enable/disable). One typical problem with corporate email is where a 
password change is enforced on the enterprise network but the mobile device has not 
been updated with the new password. 


Users often want to send confidential email with the assurance that only the recipient 
can read it. To do this, the recipient sends the sender a digital certificate and the 
sender uses the public key in that certificate to encrypt the message. The recipient 
then uses another part of the certificate (the private key) to decrypt the message. 


If the certificate is missing or not recognized, the device will be unable to decrypt the 
email. Use the email client or encryption program's support documentation to find out 
how to install or locate the appropriate certificate. 


GUIDELINES FOR TROUBLESHOOTING MOBILE DEVICE SECURITY ISSUES 


Here are some guidelines to help you troubleshoot mobile device security issues. 


TROUBLESHOOT MOBILE DEVICE SECURITY ISSUES 


Consider these guidelines as you troubleshoot the following mobile device security 
issues: 


* If there is a huge power drain or high resource utilization, check for malware or 
rogue apps. 

* Check for unauthorized location tracking. 

* Remove geotagging information or metadata from images posted online. 

* Ensure users are not engaging in behavior that makes their devices vulnerable to 
attack. 

* If using settings that allow automatic connection to service provider hotspots, verify 
that the hotspot and device are using trusted, secure connections. 

* Ensure unintended Bluetooth pairing is not allowed. 

* Ensure users are locking the device when unattended. 

* Install apps or enable OS features that allow the phone to be locked and/or wiped if 
it is lost or stolen. 

* Verify that email passwords changed on the enterprise network are replicated to 
the mobile device. 

* When sending and receiving encrypted emails with a digital certificate, use the 
email client or encryption program's support documentation to install or locate the 
appropriate certificate. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Activity 9-7 


Troubleshooting Mobile Device Issues 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. True or false? A factory reset preserves the user's personal data. 


2. What is the first step to take when an app no longer loads? 


3. Your organization has several tablet devices that are loaned out as needed when 
employees are traveling. Some users have reported problems getting the 
Bluetooth keyboard to work with one of the tablets. 


What should you do? 


4. A user reports that the touchscreen on his mobile device is not responding 
properly. 


What questions should you ask, and what steps might you take to resolve 
the issue? 


5. What is a Wi-Fi Analyzer used for? 


6. What are the causes of severe battery drain? 


Summary 


In this lesson, you worked with mobile computing devices. You examined mobile 
device technologies, including smartphones, tablets, wearable devices, and more. As 
an A+ technician, you will need to be able to expertly support and troubleshoot mobile 
devices. 


In your professional experience, have you supported mobile devices? If not, what 
kind of experience do you have with them? 


What type of technical support do you think will be expected of an A+ technician 
as mobile devices become even more prominent within the workplace? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 


Lesson 10 


Implementing Client Virtualization and Cloud Computing 


LESSON INTRODUCTION 


As organizations grow in size and scope, there is an increased need for resources, especially when 
it comes to computing. Virtualization can help ease the growing pains of an organization by 
providing the opportunity to leverage one computer and one operating system for use over many 
systems, and save valuable time and resources when it comes to hardware, software, and 
personnel. 


Virtualization is also the technology underpinning cloud computing, one of the dominant trends in 
networking. Many organizations are outsourcing parts of their IT infrastructure, platforms, storage, 
or services to a cloud service provider. Virtualization is at the core of cloud service provider 
networks. As a CompTIA® A+® technician, your customers will expect you to be able to advise on 
types of cloud deployments and identify some of the configuration issues involved in connecting to 
cloud services. 


LESSON OBJECTIVES 


In this lesson, you will: 
* Set up and configure a hypervisor and virtual machine guests. 


* Identify the purposes and types of cloud services. 


Topic A 


Configure Client-Side Virtualization 


EXAM OBJECTIVES COVERED 
1001-4.2 Given a scenario, set up and configure client-side virtualization. 


Virtualization separates the elements of the computing environment—the applications, 
operating system, programs, documents, and more—from each other and from the 
physical hardware by using an additional software layer to mediate access. 
Virtualization can provide flexibility and scalability for organizations where the costs for 
hardware and software and the IT infrastructure needed to maintain them both 
continue to increase. It can increase resource utilization by allowing resources to be 
pooled and leveraged as part of a virtual infrastructure, and it can provide for 
centralized administration and management of all the resources being used 
throughout the organization. 


As a CompTIA A+ technician, you will often be called upon to deploy, configure, and 
support Virtual Machines (VMs). You need to know about the types, capabilities, and 
uses of different virtualization technologies. 


VIRTUALIZATION 


When computers based on the microprocessor CPU were first produced, a single 
computer was designed to run a single operating system at any one time. This makes 
multiple applications available on that computer—whether it be a workstation or 
server—but the applications must all share a common OS environment. Some 
computers were configured with two or more operating systems and could choose the 
one to load at boot time (multiboot). The operating systems could not be used 
simultaneously, however. 


Dramatic improvements and cost reductions in CPU and system memory technology 
mean that all but the cheapest computers are now capable of virtualization. 
Virtualization means that multiple operating systems can be installed and run 
simultaneously on a single computer. 


There are many different ways of implementing this and many different reasons for 
doing it. In general terms, though, a virtual platform requires at least three 
components: 


* Computer(s)—the platform or host for the virtual environment. Optionally, there 
may be multiple computers networked together. 

* Hypervisor or Virtual Machine Monitor (VMM)—manages the virtual machine 
environment and facilitates interaction with the host hardware and network. 

* Guest operating systems or Virtual Machines (VMs)—operating systems installed 
under the virtual environment. The number of operating systems is generally only 
restricted by hardware capacity. The type of guest operating systems might be 
restricted by the type of hypervisor. 


The presence of other guest OSs can be completely transparent to any single OS. Each 
OS "thinks" it is working with a normal CPU, memory, hard disk, and network link. The 
guest OSs can be networked together or they may be able to share data directly 
through the hypervisor, though for security reasons this is not commonly 
implemented. 


HYPERVISORS 


As noted previously, a hypervisor manages the virtual machine environment and 
facilitates interaction with the host hardware and network. 


Microsoft Hyper-V hypervisor software. This machine is running several Windows and Linux guest 
operating systems. You can see each is allocated a portion of system memory to use. (Screenshot used 
with permission from Microsoft.) 


Some of the main functions of the hypervisor include: 


* Emulation—each guest OS expects exclusive access to resources such as the CPU, 
system memory, storage devices, and peripherals. The hypervisor emulates these 
resources and facilitates access to them to avoid conflicts between the guest OSs. 
The VMs must be provided with drivers for the emulated hardware components. 

* Guest OS support—the hypervisor may be limited in terms of the different types of 
guest operating systems it can support. Virtualization is often used as a means of 
installing old OSs, such as MS-DOS or Windows 9x, as well as modern versions of 
Windows and Linux. 


Note: macOS can also be installed as a VM. This breaks the terms of Apple's EULA if 
the hardware platform is not itself an Apple PC. 


* Assigning resources to each guest OS—for example, if the host computer has 4 GB 
memory, 1 GB might be required by the host OS, leaving 3 GB to share among the 
guest OSs. You could have three guests, each configured with 1 GB, for instance. 
Similarly, each guest OS will take up disk space on the host. Data is saved to virtual 
disk image files. 

* Configuring networking—a hypervisor will be able to create a virtual network 
environment through which all the VMs can communicate. It will also be able to 
create a network shared by the host and by VMs on the same host and on other 
hosts. Enterprise virtual platforms allow the configuration of virtual switches and 
routers. 

* Configuring security—ensures that guests are "contained" and cannot access other 
VMs or the host except through authorized mechanisms. This is important to 
prevent data "leaking" from one VM to another, to prevent one compromised VM 
from compromising others, and to prevent malware from spreading between VMs 
or from a VM to the host. 


One basic distinction that can be made between virtual platforms is between host and 
bare metal methods of interacting with the computer hardware. 


HOST-BASED HYPERVISOR 


In a guest OS (or host-based) system, the hypervisor application, known as a Type 2 
hypervisor, is itself installed onto a host operating system. Examples of host-based 
hypervisors include VMware Workstation™, Oracle® VirtualBox, and Parallels® 
Workstation. The hypervisor software must support the host OS. For example, Parallels 
Workstation is designed to run on macOS®. You cannot run it on a Windows® PC but 
you can use it to run a Windows VM on macOS. 


Guest OS virtualization (Type 2 Hypervisor). The hypervisor is an application running within a native 
OS and guest OSs are installed within the hypervisor. 


BARE METAL HYPERVISOR 

A bare metal virtual platform means that the hypervisor—called a Type 1 hypervisor—is 
installed directly onto the computer and manages access to the host hardware 
without going through a host OS. Examples include VMware ESX® Server, Microsoft's 
Hyper-V®, and Citrix's XEN Server. The hardware need only support the base system 
requirements for the hypervisor plus resources for the type and number of guest OSs 
that will be installed. Linux® also supports virtualization through Kernel-based Virtual 
Machine (KVM). KVM is embedded in the Linux kernel. 


Type 1 "bare metal" hypervisor. The hypervisor is installed directly on the host hardware along with a 
management application, then VMs are installed within the hypervisor. 


Note: If the hypervisor is running in a 64-bit environment, 32-bit guest OSs can still be 
installed, providing the hypervisor supports them. 32-bit hypervisors will not support 
64-bit guest OSs, however. 


PROCESSOR SUPPORT AND RESOURCE REQUIREMENTS 


CPU vendors have built special instruction set extensions to facilitate virtualization. The 
Intel technology for this is called VT-x (Virtualization Technology) while AMD calls it 
AMD-V. Most virtualization products also benefit from a processor feature called 
Second Level Address Translation (SLAT), which improves the performance of 
virtual memory when multiple VMs are installed. Intel implements SLAT as a feature 
called Extended Page Table (EPT) and AMD calls it Rapid Virtualization Indexing (RVI). 


Most virtualization software requires a CPU with virtualization support enabled and 
performance of the VMs will be impaired if virtualization is not supported in the 
hardware. Some cheaper CPU models ship without the feature and sometimes the 
feature is disabled in the system firmware. If specifying a computer that will be used 
for virtualization, check the CPU specification carefully to confirm that it supports Intel 
VT-x or AMD-V and SLAT, if necessary. 
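
As an added example (not part of the course text), this Python script reads Linux
/proc/cpuinfo output and reports whether a VT-x or AMD-V flag and a SLAT flag (EPT or RVI)
are present. The CPU listings are constructed samples; vmx, svm, ept and npt are the flag
names the Linux kernel uses for these features.

```python
"""Report VT-x/AMD-V and SLAT support from Linux /proc/cpuinfo text."""
import os

# Linux flag names: vmx = Intel VT-x, svm = AMD-V, ept = Intel EPT,
# npt = AMD nested page tables (RVI). Depending on kernel version, ept is listed
# on the "flags" line or on a separate "vmx flags" line, so both are read.
HW_VIRT = {"vmx": "Intel VT-x", "svm": "AMD-V"}
SLAT = {"ept": "Intel EPT", "npt": "AMD RVI"}


def cpu_flags(cpuinfo_text):
    """Collect every token from the 'flags' and 'vmx flags' lines."""
    flags = set()
    for line in cpuinfo_text.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip() in ("flags", "vmx flags"):
            flags.update(value.split())
    return flags


def virtualization_report(cpuinfo_text, need_slat=True):
    """Decide whether the CPU described by cpuinfo_text suits a VM host."""
    flags = cpu_flags(cpuinfo_text)
    hw = next((name for flag, name in HW_VIRT.items() if flag in flags), None)
    slat = next((name for flag, name in SLAT.items() if flag in flags), None)
    problems = []
    if hw is None:
        # The two causes the text names: a model without the feature, or
        # the feature switched off in system firmware.
        problems.append("no VT-x/AMD-V flag reported by the kernel")
    if need_slat and slat is None:
        problems.append("no EPT/RVI flag reported: SLAT unavailable")
    return {"hardware_virtualization": hw, "slat": slat,
            "suitable": not problems, "problems": problems}


# Constructed samples, trimmed to the lines that matter.
INTEL_HOST = """\
model name : Constructed Intel CPU
flags      : fpu vme de pse tsc msr pae vmx smx est tm2 ssse3
vmx flags  : vnmi flexpriority ept vpid unrestricted_guest
"""
AMD_HOST = """\
model name : Constructed AMD CPU
flags      : fpu vme de pse tsc msr pae svm npt lbrv nrip_save
"""
OLD_INTEL = """\
model name : Constructed older Intel CPU
flags      : fpu vme de pse tsc msr pae vmx est tm2 ssse3
"""
BUDGET_CPU = """\
model name : Constructed budget CPU
flags      : fpu vme de pse tsc msr pae est tm2 ssse3
"""

if __name__ == "__main__":
    if os.path.exists("/proc/cpuinfo"):
        with open("/proc/cpuinfo") as handle:
            print(virtualization_report(handle.read()))
    else:
        print(virtualization_report(INTEL_HOST))
```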


Multiple CPU resources—whether through Symmetric Multiprocessing (SMP) or 
multiple physical processors, multicore, or HyperThreading—will greatly benefit 
performance, especially if more than one guest OS is run concurrently. 


As mentioned earlier, each guest OS requires sufficient system memory over and 
above what is required by the host. For example, it is recommended that Windows 7 
be installed on a computer with at least 1 GB memory. This means that the host must 
have at least 2 GB and possibly more. As you can see, if you want to run multiple guest 
operating systems concurrently, the resource demands can quickly add up. If the VMs 
are only used for development and testing, then performance might not be critical and 
you may be able to specify less memory. 


Each guest OS also takes up a substantial amount of disk space. The VM's "hard disk" is 
stored as an image file on the host. Most hypervisors use a "dynamically expanding" 
image format that only takes up space on the host as files are added to the guest OS. 
Even so, a typical Windows installation might require 20 GB. More space is required if 
you want to preserve snapshots. A snapshot is the state of a disk at a particular
point-in-time. This is useful if you want to be able to roll back changes you make to the VM
during a session.


Note: In an enterprise environment, you need not be constrained by the local disk
resources on the host. Disk images could be stored in a high-speed Storage Area Network 
(SAN). 


Most hypervisors also allow guest VMs to use the host's adapters (sound card, for 
instance) and peripherals (input devices, printers, and USB devices, for instance). 


VIRTUAL NETWORKS 


Where multiple virtual machines are running on a single platform, virtualization 
provides a means for these VMs to communicate with each other and with other 
computers on the network—both physical and virtual—using standard networking 
protocols. 


The guest operating system running in each virtual machine is presented with an 
emulation of a standard hardware platform. Among the hardware devices emulated 
will be one or more network adapters. The number of adapters and their connectivity 
can typically be configured within the hypervisor. 


Within the virtual machine, the virtual adapter will look exactly like an ordinary NIC and 
will be configurable in exactly the same way. For example, protocols and services can 
be bound to it and it can be assigned an IP address. 


Typically, a hypervisor will implement network connectivity by means of one or more 
virtual switches (or vSwitches using VMware's terminology). These perform exactly 
the same function as Ethernet switches, except that they are implemented in software 
rather than hardware. 


Selecting which virtual switch the network adapter in a VM is connected to. Note that there is also a
"Not connected" option. (Screenshot used with permission from Microsoft.)


Connectivity between the virtual network adapters in the guest VMs and the virtual
switches is configured via the hypervisor. This is analogous to connecting patch cables 
between real computers and real switches. Multiple virtual machines may be 
connected to the same virtual switch or to separate switches. The number of virtual 
switches supported varies from one hypervisor to another. 


In this networking model, the virtual machines and the virtual switch can all be 
contained within a single hardware platform, so no actual network traffic is generated. 
Instead, data is moved from buffers in one virtual machine to another. 


It is also possible to configure connectivity between the host computer's physical NIC 
and the virtual switches. This provides a bridge between the virtual switches within the 
host platform and the physical switches on the network, allowing frames to pass 
between physical and virtual machines and between the virtual machines and the host. 


For example, in Microsoft's Hyper-V virtualization platform, three types of virtual switch 
can be created: 


* External—binds to the host's NIC to allow the VM to communicate on the physical
network.

* Internal—creates a switch that is usable only by VMs on the host and the host
itself.

* Private—creates a switch that is usable only by the VMs. They cannot use the
switch to communicate with the host.


Configuring virtual switches in Microsoft's Hyper-V hypervisor. Most of the switches are private, which
means that only the VMs can access them. The selected virtual switch can share the host network 
adapter, though, allowing communication between the VM and the host and allowing the VM to use 
the physical network to access the Internet. (Screenshot used with permission from Microsoft.) 


Note: When the VMs are allowed to interact with a "real" network, the host must support 
a high bandwidth, high availability network link. Any failure of the physical link will affect 
multiple VMs. 


VIRTUAL MACHINES


In principle, any type of operating system can be virtualized. This includes client OSs 
and server OSs. Note that some hypervisors have limited support for certain operating 
systems. For example, Hyper-V only provides support for particular distributions of 
Linux, though the situation is improving as the Hyper-V Linux Integration Services (LIS) 
drivers get added to the kernel of more Linux distributions. 


There are also many different purposes for deploying a virtual platform. You can make 
a rough distinction between client-side virtualization, deployed to desktop-type 
machines, and server-side virtualization. 


CLIENT-SIDE VIRTUALIZATION 


Client-side virtualization refers to any solution designed to run on "ordinary" desktops 
or workstations. Each user will be interacting with the virtualization host directly. 
Desktop virtual platforms, usually based on some sort of guest OS hypervisor, are 
typically used for testing and development: 


* Virtual labs—create a research lab to analyze viruses, worms, and Trojans. As the 
malware is contained within the guest OS, it cannot infect the researcher's 
computer or network. 

* Support legacy software applications—if the host computers have been upgraded, 
software may not work well with the new operating system. In this scenario, the old 
OS can be installed as a VM and the application software accessed using the VM. 

* Development environment—test software applications under different operating 
systems and/or resource constraints. 

* Training—lab environments can be set up so that learners can practice using a live 
operating system and software without impacting the production environment. At 
the end of the lab, changes to the VM can be discarded so the original environment 
is available again for the next student to use. 


SERVER-SIDE VIRTUALIZATION 


For server computers and applications, the main use of virtualization is better 
hardware utilization through server consolidation. A typical hardware server may 
have resource utilization of about 10%. This implies that you could pack the server 
computer with another 8 or 9 server software instances and obtain the same 
performance. 


SECURITY REQUIREMENTS 


Like any computing technology, deploying a virtualization solution comes with security 
challenges. 


GUEST OS SECURITY 


Each guest OS must be patched and protected against viruses and Trojans like any 
other OS. Patching each VM individually has performance implications, so in most 
environments, a new image would be patched and tested then deployed to the 
production environment. Running security software (antivirus and intrusion 
prevention) on each guest OS can cause performance problems. Solutions for running 
security applications through the host or hypervisor are being developed. 


Note: Ordinary antivirus software installed on the host will NOT detect viruses infecting 
the guest OS. Scanning the virtual disks of a guest OS from the host could cause serious 
performance problems. 


The process of developing, testing, and deploying images brings about the first major 
security concern with the virtual platform itself. This is the problem of rogue VMs. A 
rogue VM is one that has been installed without authorization. The uncontrolled 
deployment of more and more VMs is referred to as VM sprawl. It's a lot easier to add
a guest image to a server than it is to plug a new hardware server into the network! 


System management software can be deployed to detect rogue builds. More generally, 
the management procedures for developing and deploying machine images need to 
be tightly drafted and monitored. VMs should conform to an application-specific 
template with the minimum configuration needed to run that application (that is, not 
running unnecessary services). Images should not be developed or stored in any sort 
of environment where they could be infected by malware or have any sort of malicious 
code inserted. One of the biggest concerns here is of rogue developers or contractors 
installing backdoors or "logic bombs" within a machine image. The problem of criminal 
or disgruntled staff is obviously one that affects any sort of security environment, but 
concealing code within VM disk images is a bit easier to accomplish and has the 
potential to be much more destructive. 
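
As an added example (not part of the course text), this Python audit compares a hypervisor
inventory with a register of authorized deployments to flag rogue VMs, VMs built from an
image whose digest differs from the approved template, and VMs running services the
template does not need. The register layout, VM names, services, and image contents are
all hypothetical, constructed values.

```python
"""Audit a VM inventory against approved templates and authorized deployments."""
import hashlib
import io

CHUNK = 1024 * 1024  # read images in 1 MiB pieces; real disk images are many GB


def sha256_stream(fileobj):
    """Digest of a disk image opened in binary mode, without loading it whole."""
    digest = hashlib.sha256()
    for chunk in iter(lambda: fileobj.read(CHUNK), b""):
        digest.update(chunk)
    return digest.hexdigest()


# Constructed stand-ins for tested, approved template images.
WEB_IMAGE = b"constructed web template image, build 7"
DB_IMAGE = b"constructed database template image, build 3"

# Hypothetical template register: the digest recorded when the image was
# approved, plus the only services the application needs.
TEMPLATES = {
    "web": {"sha256": sha256_stream(io.BytesIO(WEB_IMAGE)),
            "services": {"sshd", "nginx"}},
    "db": {"sha256": sha256_stream(io.BytesIO(DB_IMAGE)),
           "services": {"sshd", "postgresql"}},
}

# Hypothetical register of authorized deployments: VM name -> template.
AUTHORIZED = {"web01": "web", "web02": "web", "db01": "db"}


def audit_vm(vm, authorized=AUTHORIZED, templates=TEMPLATES):
    """Return the list of findings for one inventory record (empty if clean)."""
    if vm["name"] not in authorized:
        return ["ROGUE_VM"]  # installed without authorization
    template = templates[authorized[vm["name"]]]
    findings = []
    if vm["image_sha256"] != template["sha256"]:
        findings.append("IMAGE_NOT_APPROVED")  # image changed after approval
    extra = sorted(set(vm["services"]) - template["services"])
    if extra:
        findings.append("UNNECESSARY_SERVICES:" + ",".join(extra))
    return findings


def audit_inventory(inventory):
    """Return {vm_name: findings} for every VM with at least one finding."""
    report = {}
    for vm in inventory:
        findings = audit_vm(vm)
        if findings:
            report[vm["name"]] = findings
    return report


# Constructed inventory, as a management tool might export it. image_sha256 is
# the digest of the image file each VM was deployed from.
TAMPERED_DB = DB_IMAGE + b" plus an unreviewed change"
INVENTORY = [
    {"name": "web01", "host": "hv-a", "services": ["sshd", "nginx"],
     "image_sha256": sha256_stream(io.BytesIO(WEB_IMAGE))},
    {"name": "web02", "host": "hv-a", "services": ["sshd", "nginx", "telnetd"],
     "image_sha256": sha256_stream(io.BytesIO(WEB_IMAGE))},
    {"name": "db01", "host": "hv-b", "services": ["sshd", "postgresql"],
     "image_sha256": sha256_stream(io.BytesIO(TAMPERED_DB))},
    {"name": "test-vm-7", "host": "hv-b", "services": ["sshd"],
     "image_sha256": sha256_stream(io.BytesIO(b"unknown image"))},
]

if __name__ == "__main__":
    for name, findings in audit_inventory(INVENTORY).items():
        print(name, findings)
```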


HOST SECURITY 


Another key security vulnerability in a virtual platform is that the host represents a 
single point of failure for multiple guest OS instances. For example, if the CPU on the 
host crashes, three or four guest VMs and the application services they are running will 
suddenly go offline. 


Another point is that running the host at a constantly high level of utilization could 
decrease the Mean Time Between Failure (MTBF) of its components. The MTBF is the 
number of hours the manufacturer expects that a component will run before 
experiencing some sort of hardware problem. If hardware is subjected to greater than 
expected loads, it may fail more often than expected. 


A successful Denial of Service (DoS) attack on a host machine, host OS, or hypervisor 
will cause far more damage to the server infrastructure than a DoS on a single web
server. As an example, most hypervisors support a disk snapshots feature. Snapshots
allow the user to revert to the saved image after making changes. This can be misused 
to perform DoS by causing the undo files to grow to the point where they consume all 
the available disk space on the host. 
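
As an added example (not part of the course text), this Python monitor totals the snapshot
files held for each VM and raises an alert when one VM exceeds a quota or when the host's
free space drops below a reserve. The folder layout (one folder per VM), the quota and
reserve values, and the file sizes are constructed assumptions; the suffix list is a
configurable default.

```python
"""Flag VMs whose snapshot ("undo") files threaten the host's free disk space."""
import os
import shutil
import tempfile

# Suffixes treated as snapshot data. These defaults cover Hyper-V checkpoint
# disks (.avhd/.avhdx) and VMware delta disks and snapshot state files
# (-delta.vmdk, .vmsn); extend the tuple for other hypervisors.
SNAPSHOT_SUFFIXES = (".avhd", ".avhdx", "-delta.vmdk", ".vmsn")


def snapshot_usage(datastore, suffixes=SNAPSHOT_SUFFIXES):
    """Return {vm_folder: bytes of snapshot files}; one folder per VM is assumed."""
    totals = {}
    for root, _dirs, files in os.walk(datastore):
        vm = os.path.relpath(root, datastore).split(os.sep)[0]
        for name in files:
            if name.lower().endswith(suffixes):
                size = os.path.getsize(os.path.join(root, name))
                totals[vm] = totals.get(vm, 0) + size
    return totals


def snapshot_alerts(totals, free_bytes, per_vm_quota, host_reserve):
    """Return sorted alert strings for quota breaches and low host free space."""
    alerts = [f"{vm}: snapshots use {used} bytes, quota {per_vm_quota}"
              for vm, used in totals.items() if used > per_vm_quota]
    if free_bytes < host_reserve:
        alerts.append(f"HOST: {free_bytes} bytes free, below reserve {host_reserve}")
    return sorted(alerts)


def check_datastore(datastore, per_vm_quota, host_reserve):
    """Run both checks against a real directory using its actual free space."""
    free = shutil.disk_usage(datastore).free
    return snapshot_alerts(snapshot_usage(datastore), free,
                           per_vm_quota, host_reserve)


def demo():
    """Build a constructed datastore in a temp dir; return (totals, alerts)."""
    layout = {  # relative path -> size in bytes (tiny constructed sizes)
        "web01/web01.vhdx": 4000,
        "web01/web01_A1.avhdx": 500,
        "lab07/lab07.vmdk": 4000,
        "lab07/lab07-000001-delta.vmdk": 2500,
        "lab07/Snapshots/lab07-Snapshot1.vmsn": 900,
    }
    with tempfile.TemporaryDirectory() as root:
        for rel, size in layout.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as handle:
                handle.write(b"\0" * size)
        totals = snapshot_usage(root)
        # free_bytes is fixed here so the result does not depend on this machine.
        alerts = snapshot_alerts(totals, free_bytes=1500,
                                 per_vm_quota=2000, host_reserve=2000)
        return totals, alerts


if __name__ == "__main__":
    totals, alerts = demo()
    print(totals)
    for line in alerts:
        print(line)
```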


HYPERVISOR SECURITY 


Apart from ensuring the security of each guest OS and the host machine itself, a virtual 
platform introduces an additional layer for the attention of security analysts—that of 
the hypervisor. At the time of writing, there are few significant exploits, but hypervisor 
software is subject to patches and security advisories like any other software. As the 
use of virtual platforms grows, hypervisors will increasingly be the target of attacks. 


Another issue is VM escaping. This refers to malware running on a guest OS jumping 
to another guest or to the host. As with any other type of software, it is vital to keep 
the hypervisor code up-to-date with patches for critical vulnerabilities. 


Activity 10-1


Discussing Client-Side Virtualization Configuration


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What is a Type 2 hypervisor? 


2. What is a guest OS? 


3. What system resources are most important on a system designed to host 
multiple virtual machines? 


4. What might you need to install to a guest OS to make full use of a 
hypervisor's features? 


5. True or false? VMs can be networked together by using a virtual switch, 
which is implemented in software by the hypervisor. 


6. If users have access to virtualization tools, what network security controls 
might be required? 


7. If you are using a normal antivirus product to protect a VM from malware,
should you install the A-V product on the host to scan the VM disk image or 
on the VM itself? 


Topic B


Cloud Computing Concepts 


EXAM OBJECTIVES COVERED 
1001-2.2 Compare and contrast common networking hardware devices.


1001-4.1 Compare and contrast cloud computing concepts. 


One of the latest trends in networking is to outsource part of an organization's IT 
infrastructure, platforms, storage, or services to a cloud service provider. In this topic, 
you will identify basic cloud concepts. 


CLOUD COMPUTING 


The cloud has lots of different definitions but generally refers to any sort of IT 
infrastructure provided to the end user where the end user is not aware of or 
responsible for any details of the procurement, implementation, or management of 
the infrastructure. Its internal workings are a "cloud"; the end user is only interested in 
and pays for the services provided by the cloud. 


The National Institute of Standards and Technology (NIST) created a standardized 
definition for cloud computing. This allows consumers to more easily compare services 
and deployment models from different vendors if they all use the same definition. 


The NIST definition states: “Cloud computing is a model for enabling ubiquitous, 
convenient, on-demand network access to a shared pool of configurable computing 
resources (e.g., networks, servers, storage, applications, and services) that can be 
rapidly provisioned and released with minimal management effort or service provider 
interaction.” (https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf,
section 2.)


NIST identifies five characteristics that are essential in defining something as being 
cloud computing. These are defined in the following table. 


Characteristic: Description

On-demand self-service: Consumers can provision services on the fly without interaction
with service provider personnel.

Broad network access: Services are available over networks using standard clients,
including workstations, laptops, tablets, and smart phones.

Resource pooling: Multiple customers share the service provider's resources in a
multi-tenant model. Resources are dynamically assigned as they are needed without regard
to where the customer or the resource are located. However, a customer can request
resources from a specific location at the country, state, or data-center level. Resources
include memory, storage, processing, and network bandwidth.

Rapid elasticity: Resources are automatically provisioned to scale up or down as
resources are required by the customer.

Measured service: Resources are measured through metering on a per use basis. The
metering measurement is based on the type of resource such as storage, processing,
bandwidth, or active users. The metering mechanism should be accessible to the customer
via a reporting dashboard, providing complete transparency in usage and billing.


BENEFITS OF CLOUD COMPUTING 


There are many benefits to using cloud computing. This includes savings in the cost of 
infrastructure and support, energy cost savings, rapid deployment, and allowing the 
customer to make the choices that make the most sense for their organization. 


One of the most often cited benefits of implementing cloud computing is that the 
cloud provides rapid elasticity. This means that the cloud can scale quickly to meet 
peak demand. For example, a company may operate a single web server instance for 
most of the year, but provision additional instances for the busy Christmas period and 
then release them again in the New Year. 


This example also illustrates the principles of on-demand and pay-per-use—key 
features of a cloud service (as opposed to a hosted service). On-demand implies that 
the customer can initiate service requests and that the cloud provider can respond to 
them immediately. This feature of cloud service is useful for project-based needs, 
giving the project members access to the cloud services for the duration of the project, 
and then releasing the cloud services back to the hosting provider when the project is 
finished. This way, the organization is only paying for the services for the duration of 
the project. 


The provider's ability to control a customer's use of resources through metering is 
referred to as measured service. The customer is paying for the CPU, memory, disk, 
and network bandwidth resources they are actually consuming rather than paying a 
monthly fee for a particular service level. 


In order to respond quickly to changing customer demands, cloud providers must be 
able to provision resources quickly. This is achieved through resource pooling and 
virtualization. Resource pooling means that the hardware making up the cloud 
provider's data center is not dedicated to or reserved for a particular customer 
account. The layers of virtualization used in the cloud architecture allow the provider to 
provision more CPU, memory, disk, or network resources using management software, 
rather than (for instance) having to go to the data center floor, unplug a server, add a 
memory module, and reboot. 


Flexibility is a key advantage of cloud computing. However, the implications for data 
risk must be well understood when moving data between private and public storage 
environments. You need to be aware that any point from the server to the end user 
could be compromised if proper security measures are not taken and adhered to when 
transferring data over public and private networks. 


COMMON CLOUD MODELS 


In most cases, the cloud (that is, the hardware and/or software hosting the service) will 
be off-site relative to the organization's users, who will require an Internet link to 
access the cloud services. There can be different ownership and access arrangements 
for clouds, which can be broadly categorized as described in the following table. 


Cloud Model: Description

Public or multi-tenant: This model is hosted by a third-party and shared with other
subscribers. This is what many people understand by cloud computing. As a shared
resource, there are risks regarding performance and security.

Hosted private: This model is hosted by a third-party for the exclusive use of one
organization. This is more secure and can guarantee a better level of performance, but is
correspondingly more expensive. The OpenStack project (openstack.org) is one example of a
technology you could use to implement your own cloud computing infrastructure.

Private: In this model, the cloud infrastructure is completely private to and owned by
the organization. In this case, there is likely to be one business unit dedicated to
managing the cloud while other business units make use of it.

This type of cloud could be on-site or off-site relative to the other business units. An
on-site link can obviously deliver better performance and is less likely to be subject to
outages (loss of an Internet link, for instance). On the other hand, a dedicated off-site
facility may provide better shared access for multiple users in different locations.

Community: With this model, several organizations share the costs of either a hosted
private or fully private cloud.

Hybrid: There will also be cloud computing solutions that implement some sort of hybrid
public/private/community/hosted/on-site/off-site solution. For example, a travel
organization may run a sales website for most of the year using a private cloud but
"break out" the solution to a public cloud at times when much higher utilization is
forecast. Google’s Gov Cloud is another example. This cloud can be used by government
branches within the U.S., but it is not available to consumers or businesses.


INTERNAL AND EXTERNAL SHARED RESOURCES 


All networks provide a pool of shared resources for use by servers and clients. For 
example, file servers can provide disk storage resources to client computers in the 
form of shared folders. Servers themselves can use shared disk storage in the form of 
Storage Area Networks (SANs). Use of virtualization and hybrid cloud computing 
solutions allows these shared resources to be provisioned using a mixture of internally 
owned assets and externally provisioned assets. 


CLOUD SERVICE OPTIONS 


As well as the ownership model (public, private, hybrid, or community), cloud services 
are often differentiated on the level of sophistication provided. These models are 
referred to as Something as a Service (*aaS), where the something can refer to 
infrastructure, network, platform, or software. 


Service Type: Description

IaaS: Infrastructure as a Service (IaaS) is a means of provisioning IT resources such as
servers, load balancers, and Storage Area Network (SAN) components quickly. Rather than
purchase these components and the Internet links they require, you rent them on an
as-needed basis from the service provider's data center. In an IaaS arrangement, you are
typically billed based on the resources you consume, much like a utility company bills
you for the amount of electricity you use.

IaaS is a bare bones service offering. You will need to configure the components and
build the platform on top. Examples of IaaS include Rackspace’s CloudServers offering, in
which you rent a virtual server running an operating system of your choice. You then
install the applications you need onto that virtual server. Other examples include
Amazon's Elastic Compute Cloud (EC2) service and Amazon's Simple Storage Service (S3).

SaaS: Software as a Service (SaaS) is a different model of provisioning software
applications. Rather than purchasing software licenses for a given number of seats, a
business would access software hosted on a supplier's servers on a pay-as-you-go or lease
arrangement (on-demand). Virtual infrastructure allows developers to provision on-demand
applications much more quickly than previously. The applications can be developed and
tested within the cloud without the need to test and deploy on client computers.

Perhaps the most well-known SaaS example is the Salesforce® Customer Relationship
Management (CRM) service. Other notable SaaS examples are the Zoho suite of applications,
Google's applications suite, and Microsoft's Office 365 suite.

PaaS: Provides resources somewhere between SaaS and IaaS. A typical PaaS solution would
provide servers and storage network infrastructure, but also provide a multi-tier web
application/database platform on top, in contrast to Infrastructure as a Service. This
platform might be based on Oracle® or MS SQL or PHP and MySQL™.

As distinct from SaaS, though, this platform would not be configured to actually do
anything. Your own developers would have to create the software, such as the CRM or
e-commerce application, that runs using the platform.

The service provider would be responsible for the integrity and availability of the
platform components, but you would be responsible for the security of the application you
created on the platform. An example is Rackspace's CloudSites offering, in which you rent
a virtual web server and associated systems such as a database or email server. Amazon's
Relational Database Service (RDS) enables you to rent fully configured MySQL and Oracle
database servers.


Amazon's EC2 offers IaaS (Linux or Windows machine images) and PaaS (database and application
development environments).


VIRTUAL DESKTOPS 


Virtual Desktop Infrastructure (VDI) refers to using a VM as a means of provisioning 
corporate desktops. In a typical VDI, desktop computers are replaced by low-spec, low- 
power thin client computers. 


When the thin client starts, it boots a minimal OS, allowing the user to log on to a VM 
stored on the company server or cloud infrastructure. The user makes a connection to 
the VM using some sort of remote desktop protocol (Microsoft Remote Desktop or 
Citrix ICA, for instance). The thin client has to find the correct image and use an 
appropriate authentication mechanism. There may be a 1:1 mapping based on 
machine name or IP address, or the process of finding an image may be handled by a 
connection broker. 


All application processing and data storage in the Virtual Desktop Environment 
(VDE) or workspace is performed by the server. The thin client computer only has to be 
powerful enough to display the screen image, play audio, and transfer mouse and key
commands and video and audio information over the network.


All data is stored on the server or in the cloud so it is easier to back up and the desktop 
VMs are easier to support and troubleshoot. They are better locked against unsecure 
user practices because any changes to the VM can easily be overwritten from the 
template image. With VDI, it is also easier for a company to completely offload their IT 
infrastructure to a third-party services company. 


The main disadvantage is that in the event of a failure in the server and network
infrastructure, users have no local processing ability. This can mean that downtime 
events may be more costly in terms of lost productivity. 


VIRTUAL NIC 


A virtual machine includes a virtual NIC. However, there will also need to be a physical 
NIC to get the thin client computer onto the network. These adapters do not have to 
connect to the same network. The physical NIC might be isolated to a network 
provisioning the VDI solution. The virtual NIC available from the virtual desktop would 
connect to the corporate data network and (via the organization's routers) to the 
Internet. 


CLOUD-BASED APPLICATIONS 


Application virtualization is a more limited type of VDI. Rather than run the whole 
client desktop as a virtual platform, the client either accesses a particular application 
hosted on a server or streams the application from the server to the client for local 
processing. This enables programmers and application administrators to ensure that 
the application used by clients is always updated with the latest code. 


Most application virtualization solutions are based on Citrix XenApp. Microsoft has 
developed an App-V product within its Windows Server range. VMware has the 
ThinApp product. 


OFF-SITE EMAIL APPLICATIONS 


Traditionally, most organizations set up and configured their own email server. With 
cloud computing, the email server can be another off-site service. It might be 
something like Gmail™ or Yahoo!® Mail. It also might be part of an Office 365 Business
Premium, which includes the Exchange email server service. Using an off-site email 
application to access these off-site email services makes it easier for users to access 
their mail from multiple devices and locations such as their laptop, desktop, tablet, and 
smart phone. The mailbox is synchronized so that no matter which device the mail is 
accessed from, the account accurately indicates which messages have been read, 
unread, deleted, or moved to other folders. 


CLOUD FILE STORAGE 


A variety of cloud file storage services are available. These services might be integrated 
into the Windows File Explorer, or they might have their own dedicated 
synchronization app, or both. OneDrive® is one cloud file storage service. All Office 365
users receive dedicated storage space for their account. Personal and business 
OneDrive accounts are separate, but can be linked. OneDrive is integrated into the 
Windows File Explorer and also has a dedicated OneDrive app that can be installed. 
OneDrive can also be accessed through a browser. Dropbox™ is another file storage 
service that can be accessed in the same types of ways. Other cloud file storage 
services that can be synchronized between all of a user's devices include iCloud® from 
Apple® and Google Drive™. 


In addition to allowing a single user to synchronize content between all of their own 
devices, the user can also share the cloud storage content with other users. In this 
case, multiple users can simultaneously access the content to work collaboratively, or 
they can access it at different times. Each user's changes are typically marked with a 
flag or color highlighting to indicate who made changes to what content. 


VIRTUAL APPLICATION STREAMING 


When virtual application streaming is implemented, a small piece of the application 
is typically installed on the end user device. This is just enough of the application for 
the system to recognize that the application is available to the user. When the user 
accesses the application, additional portions of the application code are downloaded
to the device. Many users only use a small portion of the features available in an 
application. By downloading only the portions that are being used, the streaming goes 
quickly, making the user unaware in most cases that the application is being streamed. 
If additional features are accessed from the application menu, the supporting code for 
those features is then downloaded. The administrator can configure the streaming 
application to remove all of the downloaded code, or they can configure it to retain 
what has been downloaded so it will be faster to load the application the next time the 
user wants to use it. 


CLIENT PLATFORMS 


Cloud-based applications can often be deployed for smart cell phones and tablets as 
well as for laptops and desktops. Typically, the application uses the same base code for 
all of these platforms, but has additional features that are better supported on laptops 
and desktops that would be difficult to implement with small screen size, less RAM, 
and less storage space on a smart phone or tablet. In other instances, the features are 
the same across all client platforms; it all depends on the features and purpose of the 
application. By streaming an application or running it in the cloud, much of the 
memory and storage requirements are eliminated on the client. 


CONTAINER VIRTUALIZATION 


Container virtualization dispenses with the idea of a hypervisor and instead enforces 
resource separation at the operating system level. The OS defines isolated containers 
for each user instance to run in. Each container is allocated CPU and memory 
resources, but the processes all run through the native OS kernel. 


These containers may run slightly different OS distributions but cannot run guest OSs 
of different types (you could not run Windows or Ubuntu® in a RedHat® Linux® 
container, for instance). Alternatively, the containers might run separate application 
processes, in which case the variables and libraries required by the application process 
are added to the container. 


One of the best-known container virtualization products is Docker (docker.com). 
Containerization is also being widely used to implement corporate workspaces on 
mobile devices. 


Comparison of Containers versus Virtual Machines. (Diagram labels: Container, Bins/Libs, Docker Engine, Hypervisor (Type 2), Host OS, Server.) 


CLOUD-BASED NETWORK CONTROLLERS 


When you deploy a network using a mixture of local and cloud-based resources, 
potentially using different cloud providers, it can be difficult to obtain "visibility" of the 
whole network from a single management and monitoring interface. For example, you 
might have an overall network where clients are using multiple wired and wireless local 
networks to connect, there might be use of Virtual Private Networks (VPNs), some of 
the organization's servers might be privately controlled, but others might be hosted in 
the cloud, and so on. 


A cloud-based network controller allows you to register and monitor some (or 
perhaps all) of these different component networks, clients, and servers. Cloud-based 
network controllers (and network controllers generally) depend on Software Defined 
Networking (SDN). SDN means that network access devices—access points, switches, 
routers, and firewalls—can be configured using software programs and scripts. 


Activity 10-2 


Discussing Cloud Computing Concepts 


SCENARIO 


There has been a lot of talk around the office recently about cloud services. You have 
heard some other people touting this as the only way to go for storage. In order to be 
sure of yourself before you join in these conversations, you wrote down some 
questions and did a little research about them to make sure you know what you are 
talking about. 


1. How do the five components of cloud computing defined by the NIST work 
together to provide users with cloud computing services? 


2. Which type of cloud would your organization be likely to use? 


3. A cloud service should exhibit rapid elasticity, allow users to access resources on- 
demand, and pay on a per-use basis. 


What type of service should the provider run to enable these features? 


4. A company has contracted the use of a remote data center to offer exclusive 
access to Platform as a Service resources to its internal business users. 


How would such a cloud solution be classed? 


5. When users connect to the network, they use a basic hardware terminal to access 
a desktop hosted on a virtualization server. 


What type of infrastructure is being deployed? 


Summary 


In this lesson, you examined implementation requirements for client virtualization and 
cloud computing. The ability to support these and other emerging technologies is very 
likely to have an impact on the day-to-day responsibilities of an A+ technician. 


What types of client-side virtualization technologies does your organization use? 


What type of cloud computing does your organization use? What other services 
might you recommend be implemented? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 


Lesson 11 


Supporting Operating Systems 


LESSON INTRODUCTION 


As a professional IT support representative or PC service technician, your job will include installing, 
configuring, maintaining, and troubleshooting personal computer operating systems, applications, 
hardware, and networks. Before you can perform any of these tasks, you need to understand the 
basics of what an operating system is, including the various versions, features, components, and 
technical capabilities. With this knowledge, you can provide effective support for all types of 
system environments. 


The operating system is the software that provides a user interface to the computer hardware and 
provides an environment in which to run software applications and create computer networks. In 
this lesson, you will identify the basic types, functions, features, and tools of operating systems, 
with a particular focus on Microsoft® Windows®. 


LESSON OBJECTIVES 


In this lesson, you will: 

* Compare common OSs and their purposes and features. 

* Identify procedures and techniques to employ when troubleshooting. 

* Use administrative tools and system utilities in different versions of Windows. 

* Perform file management using Explorer and command prompt tools. 

* Use the command-line tools and the Disk Management console to configure disks, volumes, 
arrays, and mount points. 

* Use Device Manager and Control Panel/Settings to configure power management, display and 
sound devices, and to remove devices. 




Topic A 


Identify Common Operating Systems 


EXAM OBJECTIVES COVERED 
1002-1.1 Compare and contrast common operating system types and their purposes. 


1002-1.2 Compare and contrast features of Microsoft Windows versions. 


In this topic, you will identify the types and functions of personal computer (PC) and 
mobile device operating systems. The first step is to learn about the various operating 
systems available today, and to identify those that are commonly used on PCs and 
those that are used on tablets and smartphones. 


Without a user-friendly operating system, most people would not be capable of using 
their computers or mobile devices to successfully perform the tasks required of them. 
As an IT professional, being familiar with the different types of operating systems can 
help you to support a variety of computer and mobile device environments. 


WHAT IS AN OPERATING SYSTEM? 


A computer requires an operating system (OS) in order to function. The operating 
system provides the interface between the hardware, application programs, and the 
user. The operating system handles many of the basic system functions, such as 
interaction with the system hardware and input/output. 

An operating system is generally made up of a number of core files—called the kernel 
—with additional device drivers and programs to provide extended functionality. The 
earliest operating systems for PCs, such as Microsoft's Disk Operating System (DOS), 
used a command-line user interface or simple menu systems. Windows and software 
applications for Windows were marked by the use of a Graphical User Interface 
(GUI). This helped to make computers easier to use by non-technical staff and home 
users. 


Note: Actually, some DOS applications presented a GUI, of a kind. Windows is sometimes 
described as a WIMP (Window, Icon, Menu, Pointing device) interface. 


The desktop style favored by a particular OS or OS version is a powerful factor in 
determining customer preferences for one OS over another. 


OS TYPES 

The market for operating systems is divided into four main sections: 

* Business client—an OS designed to work as a client in business networks. 

* Network Operating System (NOS)—an OS designed to run on servers in business 
networks. 

* Home client—an OS designed to work on standalone or workgroup PCs in a home 
or small office. 

* Cell phone (smartphone)/Tablet—an OS designed to work with a handheld portable 
device. This type of OS must have a touch-operated interface. 


COMPATIBILITY ISSUES 


A software application is coded to run on a particular OS. You cannot install an app 
written for iOS® on an Android™ smartphone. The developer must create a different 
version of the app. This can be relatively easy for the developer or quite difficult, 
depending on the way the app is coded and the target platforms. The application or 
app "ecosystem," or the range of software available for a particular OS, is another big 
driver of customer acceptance for a particular OS product. 


Compatibility also affects version updates to operating system software. There is 
always a chance that some change in the new OS version will cause software (or 
hardware device drivers) written for an older version not to work properly. In the 
business client market, this makes companies very reluctant to update to new OS 
versions without extensive testing. As extensive testing is very expensive, they are 
generally reluctant to adopt new versions without a compelling need to do so. 


Note: These compatibility concerns are being mitigated somewhat by the use of web 
applications and cloud services. A web application only needs the browser to be 
compatible, not the whole OS. The main compatibility issue for a web application is 
supporting a touch interface and a very wide range of display resolutions on the different 
devices that might connect to it. 


Finally, compatibility also affects the way that computers running different operating 
systems can communicate on data networks. The computers cannot "talk" to one 
another directly. The operating systems must support common network protocols that 
allow data to be exchanged in a standard format. 


MICROSOFT WINDOWS 


Microsoft Windows is the dominant commercial PC OS, estimated to be installed on 
90% of the world's desktop and laptop computers. The Windows Server OS is also 
widely used on private network servers and Internet servers running web, email, and 
social networking apps. 


Like most software, Windows and Windows Server® have been released in a number of 
versions over the years. Historically, a new version would have to be purchased, 
though upgrade discounts were usually available. A new version may introduce 
significant changes in desktop styles and user interface of Windows and add new 
features and support for new types of hardware. On the downside, a new version may 
not be compatible with hardware and software applications designed for earlier 
versions. 


One of the main functions of an OS is to provide an interface (or shell) between the 
user and the computer hardware and software. Windows has a number of interface 
components designed both for general use and for more technical configuration and 
troubleshooting. 


The top level of the user interface is the desktop. This is displayed when Windows 
starts and the user logs on. The desktop contains icons to launch applications and 
possibly user data files. The desktop also contains the Start Menu or Start Screen and 
taskbar, which are used to launch and control applications. 


MICROSOFT WINDOWS VERSIONS 


Let's start by taking a look at the most popular versions of Windows currently in use. 
Other operating systems will be examined more closely later in the course. 


WINDOWS 10 

Windows 10, first released in 2015, is the current version. Windows 10 aims to provide 
a consistent user experience across different types of devices, including desktop PCs, 
laptops, tablets, and smartphones. 


When installed to a PC or laptop, Windows 10 retains the user desktop and taskbar 
familiar from legacy versions but uses a touch-optimized Start Screen interface to 
access apps and programs. This replaces the old Start Menu. As well as shortcuts, the 
Start Screen can display app tiles, which can contain live or actively updated content. 
These app tiles are fully customizable. 

Windows 10 (1803) desktop and Start Screen. (Screenshot used with permission from Microsoft.) 


The Start Screen is activated by selecting the Start button or by pressing the 
Windows key, which might also be labeled the Start key. 


Note: On a smartphone or tablet, the Start Screen replaces the desktop entirely. 


WINDOWS 10 FEATURE UPDATES 


With Windows 10, Microsoft indicated that they would no longer release new versions 
of Windows, but would instead maintain the OS with feature updates on a periodic 
basis. Thus, the current version of Windows, at the time of writing, is still Windows 10. 
This approach is known as “Windows as a Service.” Feature updates for Windows 10 
are identified with a name and number. For example, in July 2016, Microsoft released a 
Windows 10 feature update called Windows 10 Anniversary Update. This release was 
identified with the number 1607, which corresponds to the year (2016) and month (07/ 
July) of release. The full name of the current version of Windows 10 at the time of 
writing is Windows 10 Spring Creators Update (1803), replacing the Fall Creators 
Update (1709). 


In addition to feature updates, Windows is updated periodically with quality updates. 
Quality updates do not usually make radical changes to Windows, though some do 
include new features. Quality updates might sometimes cause compatibility problems 
with some hardware devices and software applications, but this is less likely than with 
feature updates. 


Windows 10 Mobile 


Microsoft has developed versions of Windows for mobile devices, including Windows 
CE, Windows Phone® 7, and Windows Phone 8. None of these have enjoyed the same 
sort of success as Windows has in the PC market. 


With Windows 10 Mobile, Microsoft has adopted a consistent user interface and code 
base across all types of devices. Windows 10 Mobile has a very small smartphone 
market share compared to Android and iOS. Microsoft develops and sells Windows 10 
Mobile smartphones and Surface® tablets. 


WINDOWS 8 AND WINDOWS 8.1 


Compared to earlier versions, Windows 8 (released in 2012) and Windows 8.1 (2013) 
imposed significant user interface changes to provide better support for touchscreens. 
One of these changes was the first use of the Start Screen. Not all of the changes were 
popular with users familiar with Windows 7, however. Windows 10 addressed this 
feedback and was also made available as a free upgrade to Windows 8. Consequently, 
Windows 10 very quickly replaced Windows 8 and Windows 8 is not that widely used, 
having about 7% market share at the time of writing. 


As well as introducing the Start Screen for the first time, in Windows 8, some of the 
search and configuration settings are accessed as charms. The Charms bar is opened 
by swiping from the right of the screen. 




Windows 8.1 showing the Charms bar. (Screenshot used with permission from Microsoft.) 

On a desktop PC, you can move the mouse pointer down from the top-right or (more 
simply) press Windows+C. The Charms bar was discontinued in Windows 10. 


Note: Windows 8 was swiftly updated to Windows 8.1 to address some issues with the 
interface, principally the lack of a Start button and forcing use of the Start Screen at 
boot rather than the desktop. In other respects, references to Windows 8 in this course 
can be taken to apply to Windows 8.1, too. There was never a Windows 9. 


WINDOWS 7 


Prior to Windows 8, there was Windows 7 (2009), Windows Vista (2007), and Windows 
XP (2001). Of these, Windows 7 is still widely used, with an estimated installation base 
of around 45% of all PCs. Despite no longer being officially supported by Microsoft, 
Windows XP is still installed on about 5% of devices. Windows Vista never achieved a 
significant market share. 


Windows 7 uses the "classic" Start Menu user interface. The Start Menu contains icon 
shortcuts to recently used programs and some of the main folders and utilities. The All 
Programs submenu contains the shortcuts to all the other desktop applications 
installed on the computer. 

Windows 7 desktop and Start Menu. (Screenshot used with permission from Microsoft.) 


Note: According to the CompTIA exam objectives, you will not be expected to support 
Windows Vista or Windows XP. 


WINDOWS EDITIONS 


Each version of Windows is available in different editions. Editions are used by 
Microsoft to create different markets for Windows. Windows 7 editions included 
Starter, Home Basic, Home Premium, Professional, Enterprise, and Ultimate. Windows 
10 is available in the following editions: 


* Windows 10 Home—designed for domestic consumers and Small Office Home 
Office (SOHO) business use. The Home edition cannot be used to join a Windows 
domain network. 

* Windows 10 Pro—designed for small and medium-sized businesses. The 
"Professional" edition comes with networking and management features designed 
to allow network administrators more control over each client device. 

* Windows 10 Enterprise/Windows 10 Enterprise (Long Term Servicing Channel)— 
similar to the Pro edition but designed for volume licensing by medium and large 
enterprises. 

* Windows 10 Education/Pro Education—variants of the Enterprise and Pro editions 
designed for licensing by schools and colleges. 


Note: The Windows 7 Ultimate edition was a "superset" with all the features from other 
editions. Ultimate editions were discontinued with Windows 8. The distinction between 
basic and premium home editions was also abandoned. Windows 8 has an unnamed 
edition—sometimes referred to as "Windows 8 Core"—rather than a "Home" edition. 


WINDOWS IN THE CORPORATE WORLD 


The principal distinguishing feature of the Professional/Pro, Enterprise, Ultimate, and 
Education editions (regardless of version) is the ability to join a domain network. A 
personal user or small business owner can just administer each machine they own 
individually. On a corporate network, it is necessary to manage user accounts and 
system policies centrally, because there are more machines to manage and security 
requirements are higher. This centralized management is provided by joining each 
computer to a domain, where the accounts are configured on Domain Controller (DC) 
servers. Some other notable corporate features are as follows: 


* BitLocker—enables the user to encrypt all the information on a disk drive. 
Encryption means that data on the device is protected even if someone steals it (as 
long as they cannot crack the user password). BitLocker is included with Windows 7 
Enterprise and Ultimate, Windows 8 Pro and Enterprise, and Windows 10 Pro, 
Enterprise, and Education editions. 

* Encrypting File System (EFS)—where BitLocker encrypts an entire drive, EFS can be 
used to apply file- or folder-level encryption. EFS is included with Windows 7 
Professional, Enterprise, and Ultimate, Windows 8 Pro and Enterprise, and Windows 
10 Pro, Enterprise, and Education editions. 

* BranchCache—an enterprise might have computers installed at different 
geographic locations needing to view and update data at a central office. As the 
Wide Area Network (WAN) links from each location to the office might be quite slow, 
it can be useful for the remote computers to share access to a single cache of data 
from shared folders and files or document portals such as SharePoint sites. This 
reduces the amount of WAN traffic because each client does not have to download 
its own copy individually. BranchCache is supported on Windows 7 Enterprise and 
Ultimate, Windows 8 Enterprise, and Windows 10 Pro, Enterprise, and Education 
editions. 


Note: The Pro/Professional editions support a limited type of BranchCache for 
Background Intelligent Transfer Service (BITS) communications only. Most document and 
file sharing uses HyperText Transfer Protocol (HTTP) or Server Message Block (SMB), and 
these types of transfers are only supported by the Enterprise/Ultimate editions. BITS 
might be used for tasks such as patch deployment or image-based installs. 


WINDOWS FOR PERSONAL USE 


Windows Media Center is a Microsoft app allowing the computer to be used as a sort 
of home entertainment appliance, such as playing DVDs (several other functions of the 
product are no longer supported). Media Center was included in the Windows 7 Home 
Premium, Professional, Enterprise, and Ultimate editions. It is the principal distinction 
between the Windows 7 Home Basic and Windows 7 Home Premium editions. It 
became a paid-for add-on in Windows 8 and was discontinued in Windows 10. 


If Media Center is not available, a DVD player is available from Microsoft. Third-party 
software is required to play back commercial Blu-ray™ discs. 


32-BIT AND 64-BIT WINDOWS 


Each version and edition of Windows is available as 32-bit or 64-bit (x64) software. 64- 
bit editions of Windows can run most 32-bit applications software, though there may 
be some exceptions (you should check with the software vendor). The reverse is not 
true, however; a 32-bit version of Windows cannot run 64-bit applications software. 


64-bit editions of Windows also require 64-bit hardware device drivers authorized 
("signed") by Microsoft. If the vendor has not produced a 64-bit driver, the hardware 
device will not be usable. 


WINDOWS SYSTEM LIMITS 


The versions and editions of Windows have different restrictions in terms of CPU types 
and features and memory supported. Windows 10 has the following system limits: 


Feature                     Home      Pro       Education   Enterprise 
SMP (Multiple CPUs)         No        2-way     2-way       2-way 
Multicore                   Yes       Yes       Yes         Yes 
RAM limitations (32-bit)    4 GB      4 GB      4 GB        4 GB 
RAM limitations (64-bit)    128 GB    2 TB      2 TB        6 TB 


Windows 8 has the following system limits: 


Feature                     Core      Pro/Enterprise 
SMP                         No        2-way 
Multicore                   Yes       Yes 
RAM limitations (32-bit)    4 GB      4 GB 
RAM limitations (64-bit)    128 GB    512 GB 


Windows 7 has the following system limits: 


Feature                     Home Basic   Home Premium   Professional   Enterprise   Ultimate 
64-bit Edition              Yes          Yes            Yes            Yes          Yes 
SMP                         No           No             2-way          2-way        2-way 
Multicore                   Yes          Yes            Yes            Yes          Yes 
RAM limitations (32-bit)    4 GB         4 GB           4 GB           4 GB         4 GB 
RAM limitations (64-bit)    8 GB         16 GB          192 GB         192 GB       192 GB 


The Windows 7 Starter edition was only available to system builders (OEMs) for 
installation on netbooks and sub-notebooks. It supports up to 2 GB RAM. There is no 
64-bit version of the Starter edition. 


OS LIFECYCLES 


An end of life system is one that is no longer supported by its developer or vendor. 
End of life systems no longer receive security updates and so represent a critical 
vulnerability for a company's security systems if any remain in active use. 


Microsoft products are subject to a support lifecycle policy. Windows versions are 
given five years of mainstream support and five years of extended support (during 
which only security updates are shipped). Support is contingent on the latest Service 
Pack being applied (non-updated versions of Windows are supported for 24 months 
following the release of the SP). Windows 10 retirement schedules for feature updates 
—referred to as "end of service"—are 18 months, except for September updates for 
Education/Enterprise editions only, which are supported for 30 months. 
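
The servicing periods above can be applied to an asset inventory to find Windows 10 installations that have stopped receiving security updates. The following is an added example, not part of the course material: the inventory and host names are constructed, and treating the YYMM feature update number as the release month is an assumption, so the results are estimates to confirm against the Microsoft lifecycle information.

```python
from datetime import date

# Editions that get the longer servicing period for September feature updates.
LONG_SERVICE_EDITIONS = {"Education", "Enterprise"}

# Constructed inventory for illustration: (host name, edition, feature update).
INVENTORY = [
    ("PC-01", "Pro", "1607"),
    ("PC-02", "Enterprise", "1709"),
    ("PC-03", "Home", "1803"),
    ("PC-04", "Education", "1803"),
    ("PC-05", "Pro", "1709"),
]


def parse_feature_update(version):
    """Split a YYMM feature update number such as '1607' into (2016, 7)."""
    if len(version) != 4 or not version.isdigit():
        raise ValueError(f"not a YYMM feature update number: {version!r}")
    year, month = 2000 + int(version[:2]), int(version[2:])
    if not 1 <= month <= 12:
        raise ValueError(f"month out of range in {version!r}")
    return year, month


def servicing_months(edition, release_month):
    """18 months, or 30 for September updates on Education/Enterprise."""
    if release_month == 9 and edition in LONG_SERVICE_EDITIONS:
        return 30
    return 18


def end_of_service(edition, version):
    """Estimate the (year, month) in which servicing ends.

    Assumption: the YYMM number is treated as the release month.
    """
    year, month = parse_feature_update(version)
    total = year * 12 + (month - 1) + servicing_months(edition, month)
    return total // 12, total % 12 + 1


def unsupported_hosts(inventory, as_of):
    """Return inventory rows whose estimated end of service is before as_of."""
    flagged = []
    for host, edition, version in inventory:
        eos = end_of_service(edition, version)
        if (as_of.year, as_of.month) > eos:
            flagged.append((host, edition, version, eos))
    return flagged


if __name__ == "__main__":
    # The audit date is a constructed example value.
    for host, edition, version, (y, m) in unsupported_hosts(INVENTORY, date(2019, 6, 1)):
        print(f"{host}: Windows 10 {edition} {version}, end of service {y}-{m:02d}")
```

PC-02 and PC-05 run the same September feature update, but only the Pro machine is flagged, because the 30-month period applies to Education/Enterprise editions only.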


To find out when Microsoft products will be retired or how long specific products will 
be supported, visit the Microsoft Product Lifecycle Search tool at 
support.microsoft.com/lifecycle/search. 


When you plan to install a new version of an operating system as an upgrade, you 
must check that your computer meets the hardware requirements for the new version. 
As operating system software such as Windows 10 moves towards more of a service 
model, with quite frequent feature updates, it could be the case that an update has its 
own system requirements that are different from the original. Plus, Microsoft points 
out that the core hardware requirements for Windows 10 are the same as those for 
Windows 7. Other factors might impact your ability to apply a feature update, including 
support for third-party driver or applications software. 


APPLE OPERATING SYSTEMS 


In 1984, when the IBM PC was the dominant desktop standard, Steve Jobs and Steve 
Wozniak created a new type of personal computer—the Apple® Macintosh® (or Mac®). It 
was revolutionary because it came with a graphical user interface at a time when IBM's 
PC used the command-line/text menu DOS operating system. The Mac has never 
matched Windows' huge user base, although its current incarnation does have a truly 
devoted following. 


APPLE MAC OS/OS X/macOS 


The main difference between Mac OS and other operating systems is that the OS is 
only supplied with Apple-built computers. You cannot purchase Mac OS and install it 
on an ordinary PC. This helps to make Mac OS stable but does mean that there is far 
less choice in terms of buying extra hardware. 

macOS desktop. (Screenshot courtesy of Apple.) 


The current lines—OS X® and more recently macOS®—were re-developed from the 
kernel of another type of operating system called UNIX. This kernel is supplemented 
with additional code to implement the Mac's graphical interface and system utilities 
and to maintain compatibility with older Mac OS applications. macOS gets periodic 
"dot" version updates. At the time of writing, the current version is 10.14 or "Mojave," 
and updates are being released to existing customers free-of-charge. 


As there is a tight link between the models of Mac computers and the OS, Apple makes 
specific update limitations about whether a new version of macOS can be installed to a 
Mac computer. Check support.apple.com for the technical specification for any 
particular macOS release. Apple does not publish end of life policies. 


APPLE iOS 


iOS is the operating system for Apple's iPhone® smartphone and iPad® tablet. While 
also derived from UNIX, iOS is a closed source operating system. This means that the 
code used to design the software is kept confidential and can only be modified by 
Apple. macOS and iOS have some similarities but they are not compatible; an app 
developed for iOS will not run on macOS. 


On an iOS device, apart from volume and power, the only external button is the Home 
key, which returns the user to the home screen "desktop." 


The interface is then entirely controlled via touch. Point to icons to open apps, swipe or 
flick from left-to-right to access the keyboard and search, or flick right-to-left to view 
more icons. Re-arrange icons by tapping and holding for a few seconds. The icons will 
then "wobble" and can be dragged to a different page or into the dock taskbar at the 
bottom. Press the Home key to save. 


To view and manage open apps, double-click the Home key to open the Multitasking 
bar. 

iOS 11 running on an iPhone 7. (Screenshot courtesy of Apple.) 


Touch can be operated either with your fingers or with a special soft-touch stylus. 
There are many more gestures in addition to those listed above. For example, shaking 
the device is often used to activate undo. There are also external keyboards available 
and most Apple devices support Siri®, a voice recognition system and personal 
assistant. 


New versions are released approximately every year with various .x updates. Version 
12 is current at time of writing. Apple makes new versions freely available, though 
older hardware devices may not support all the features of a new version, or may not 
be supported at all. As with macOS, update limitations are published at 
support.apple.com but there are no end of life policies. 


UNIX-BASED OPERATING SYSTEMS 


Windows and macOS dominate the desktop/workstation/laptop market, but a third 
"family" of operating systems is very widely used on a larger range of devices. 


UNIX 


UNIX is a trademark for a family of operating systems originally developed at Bell 
Laboratories beginning in the late 1960s. All UNIX® systems share a kernel/shell 
architecture, with the kernel providing the core functionality and the interchangeable 
shells providing the user interface. Unlike Windows and macOS, UNIX is portable to 
different hardware platforms; versions of UNIX can run on everything from personal 
computers to mainframes and on many types of computer processors. 


LINUX 


Originally developed by Linus Torvalds, Linux is based on UNIX. UNIX was developed 
over decades by various commercial, academic, and not-for-profit organizations. This 
resulted in several versions, not all of which are compatible, and many of which are 
proprietary or contain copyrighted or patented code or features. Linux® was developed 
as a fully open source alternative to UNIX (and for that matter, to Windows and macOS 
and iOS). 

Ubuntu Linux. 


Linux can be used as a desktop or server OS. There are many distributions or distros, 
notably SUSE®, Red Hat®, CentOS, Fedora®, Debian®, Ubuntu®, and Mint®. Each distro 
adds specific packages and interfaces to the generic Linux kernel and provides 
different support options. Linux does not require a graphical interface, though many 
distributions provide one. 


IBM®, Sun/Oracle®, and Novell® are among the vendors producing end-user 
applications for Linux. As a desktop OS it tends to be used in schools and universities 
more than in business or in the home. As a server OS, it dominates the market for web 
servers. It is also used very widely as the OS for "smart" appliances and Internet of 
Things (IoT) devices. 


CHROME OS 


Chrome OS is derived from Linux, via an open source OS called Chromium™. Chrome 
OS™ itself is proprietary. Chrome OS is developed by Google to run on specific laptop 
(Chromebook) and PC (Chromebox) hardware. This hardware is designed for the 
budget and education markets. 


Chrome OS was primarily developed to use web applications. In a web application, the 
software is hosted on a server on the Internet and the client connects to it using a 
browser. The client computer does not need to be particularly powerful as the server 
does most of the processing. Chrome OS provides a minimal environment compared 
to Windows. This means that there is less chance of some other software application 
or hardware device driver interfering with the function of the browser. 


There are also "packaged" apps available for use offline and Chrome OS can run apps 
developed for Android. 


ANDROID 


Android is a smartphone/tablet OS developed by the Open Handset Alliance, primarily 
driven by Google. Unlike iOS, it is an open-source OS, based on Linux. The software 
code is made publicly available (source.android.com). This means that there is more 
scope for hardware vendors, such as Acer®, Asus®, HTC®, Huawei®, LG, Motorola®, 
OnePlus, Oppo™, Samsung®, Sony®, and Xiaomi to produce vendor-specific versions. 


Android lollipop home screen. 


Like iOS, Android is updated with new major (1.x) and minor (x.1) versions, each of 
which is named after some kind of sweet stuff. At the time of writing, current versions 
include 7.1 (Nougat) and 8.1 (Oreo). Because handset vendors produce their own 
editions of Android, device compatibility for new versions is more mixed compared 
with iOS. 

End of life policies and update restrictions for particular handsets are determined by 
the handset vendor rather than any kind of overall Android authority. Companies 
ordering handsets in bulk as employee devices may be able to obtain their own 
guarantees. 


Activity 11-1 


Discussing OS Types 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. You receive a call from a customer who is confused after upgrading his Windows 7 
Home Premium edition computer to Windows 10. The user cannot find the All 
Programs menu. 


What should you advise? 


2. In terms of system hardware, what is the main advantage of a 64-bit version 
of Windows? 


3. You are advising a customer whose business is expanding. The business owner 
needs to provision an additional 30 desktop computers, some of which will be 
installed at a second office location. The business is currently run with a 
workgroup network of five Windows 7 Home Premium desktop computers and 
one file server. 


Why might you suggest licenses for an edition of Windows 10 that supports 
corporate needs for the new computer and has upgrades for the old 
computers? Which specific edition(s) could you recommend? 


4. A customer asks whether an iOS app that your company developed will also work 
on her Apple macOS computer. 


What issue does this raise and what answer might you give? 


5. Apart from Windows and macOS, what operating system options are there 
for client PCs? 


6. You are advising a customer with an older model Android smartphone. The 
customer wants to update to the latest version of Android, but using the update 
option results in a No updates available message. 


What type of issue is this, and what advice can you provide? 


Topic B 


Troubleshooting Methodology 


EXAM OBJECTIVES COVERED 
1001-5.1 Given a scenario, use the best practice methodology to resolve problems. 


Often, computer technicians spend a large percentage of their time troubleshooting 
the various software and hardware components used in computers, networks, and 
printers. Before you can even begin to troubleshoot a physical problem with a piece of 
hardware or diagnose an error thrown up by a software program, you need to 
understand the basics of troubleshooting and some best practices used. 


The most elaborate toolkit and expensive diagnostic software can be useless if you do 
not have a consistent plan for solving problems. Even experienced technicians can 
sometimes overlook obvious problems or solutions. Troubleshooting can be extremely 
challenging, but if you follow common best practices and basic troubleshooting 
procedures, you will often be able to determine the specific cause of a problem, as well 
as possible solutions to the problem. 


TROUBLESHOOTING BASICS 


To some extent, being an effective troubleshooter simply involves having a detailed 
knowledge of how something is supposed to work and of the sort of things that 
typically go wrong. However, the more complex a system is, the less likely it is that this 
sort of information will be at hand, so it is important to develop general 
troubleshooting skills to approach new and unexpected situations confidently. 


Troubleshooting is a process of problem solving. It is important to realize that 
problems have causes, symptoms, and consequences. For example: 


* A computer system has a fault in the hard disk drive (cause). 

* Because the disk drive is faulty, the computer is displaying a "blue screen" 
(symptom). 

* Because of the fault, the user cannot do any work (consequence). 


From a business point-of-view, resolving the consequences of the problem is more 
important than solving the original cause. For example, the most effective solution 
might be to provide the user with another workstation, then get the drive replaced. 


It is also important to realize that the cause of a specific problem might be the 
symptom of a larger problem. This is particularly true if the same problem recurs. For 
example, you might ask why the disk drive is faulty—is it a one-off error or are there 
problems in the environment, supply chain, and so on? 


PROBLEM MANAGEMENT 


Any organization that has to deal with more than a few problems every week will have 
a system in place for problem management. The basis of problem management is 
the identification, prioritization, and ownership of incidents. The process of problem 
management is as follows: 


1. A user contacts the help desk, perhaps by phone or email. An operator or 
technician is assigned to the incident and a job ticket is generated. 

2. The user describes the problem to the operator, who may ask clarifying questions. 
The operator categorizes the problem, assesses how urgent it is, and how long it 
will take to fix. 

3. The operator may take the user through initial troubleshooting steps. If these do 
not work, the job may be escalated to deskside support or a senior technician. 

4. Troubleshooting continues until the problem is resolved. At that point, the user is 
contacted to confirm that the problem has been fixed. The job ticket is updated 
with details of the problem and how it was resolved. The ticket is then considered 
closed. 

At each stage, the problem management system can track the ownership of the 
problem (who is dealing with it) and its status (what has been done). At each stage of 
problem management, you need to consider and be guided by corporate policies, 
procedures, and impacts before making changes. An enterprise network is, by 
definition, highly interconnected. Even small changes can have major, unintended 
impacts, so it is imperative that you follow established change management 
procedures and know when to seek authority to make a change. 


THE COMPTIA A+ TROUBLESHOOTING MODEL 


Here are the steps in CompTIA's A+ troubleshooting model: 

1. Identify the problem. 
   * Question user and identify user changes to computer. 
   * Perform backups before making changes. 
   * Inquire regarding environmental or infrastructure changes. 
   * Review system and application logs. 
2. Establish a theory of probable cause (question the obvious and if necessary 
   conduct internal or external research based on symptoms). 
3. Test the theory to determine cause: 
   * Once theory is confirmed, determine next steps to resolve problem. 
   * If theory is not confirmed, re-establish new theory or escalate. 
4. Establish a plan of action to resolve the problem and implement the solution. 
5. Verify full system functionality, and if applicable, implement preventative 
   measures. 
6. Document findings, actions, and outcomes. 


These steps and the approach and attitude you should apply when troubleshooting are 
explained in a bit more detail in the next section. 


Note: A methodical process is the ideal, but troubleshooting in help desk and IT support 
departments is often a time-critical process. In the real world, you often have to balance 
being methodical with being efficient. 


CUSTOMER SERVICE AND COMMUNICATIONS SKILLS 


Employers value "soft skills," such as being able to communicate and use questioning, 
as highly as technical skills. Troubleshooting is one area where soft skills are vital: 


* A user may be upset or angry—perhaps they have lost work or cannot get an 
expensive, new computer to work. 
* A user may not be technically knowledgeable. 


It is your job to calm the user and to help him or her give you the information you need 
to diagnose and solve the problem. You need to be able to ask questions that the user 
can answer simply, without having to know anything about the computer or its 
software, and guide him or her through basic troubleshooting steps. When speaking 
with a user, try to be calm and polite. Do not interrupt when the user is speaking. Do 
not use technical language (jargon) or abbreviations that are likely to confuse. 


OPEN AND CLOSED QUESTIONING 


The basis of getting troubleshooting information from users is asking good questions. 
Questions are commonly divided into two types: 


* Open questions invite someone to explain in their own words. Examples are, "What 
is the problem?", "What happens when you try to switch the computer on?", "Were 
you able to complete this task before, and if so, when did you notice there was an 
issue?", and "What types of changes have you noticed since the last time you 
completed this task?" 

* Closed questions invite a Yes/No answer or a fixed response. Examples include, 
"Can you see any text on the screen?" or "What does the error message say?" 


Open questions are good to start with as they help to avoid making your own 
assumptions about what is wrong and encourage the user to give you all the 
information that he or she is able to. However, you should not trust the user's 
judgment completely. The user may be inexperienced or have formed a false 
impression of what is going wrong. Try to establish factual information rather than 
asking for the user's opinion. 


Closed questions can be used to "drill down" into the nature of the problem and guide 
a user towards giving you information that is useful. 


DEVELOPING A TROUBLESHOOTING MINDSET 


Troubleshooting is not just the application of technical knowledge and expertise; the 
approach you choose to take is equally important. 


* Be calm—if you are calm, it instills confidence in the customer and will also prevent 
you from making rash decisions. 

* Take breaks—troubleshooting requires a great deal of concentration. After a long 
period of working on the same task, the mind can become fatigued and 
concentration is reduced. Consider taking breaks or leaving the problem for a while 
to refresh your mind. 

* Challenge assumptions—a problem may be reported that is similar to one that you 
have experienced before, but you should not assume that the problem is identical. 
Although the symptoms may be similar, the problem and its solution could be 
completely different. Always treat each problem as a new challenge. Be prepared to 
try something different. If you have decided what the problem is, but cannot seem 
to solve it, it may be that you are incorrect. Be prepared to start again from the 
beginning with an open mind. 

* Assess costs and impacts—remember, you must account for corporate policies and 
evaluate the impact of a problem. A particular problem might be a stimulating 
challenge, but if resolving it is not the highest priority in terms of business needs, 
you need to give up on finding "The Answer" and use a shortcut to get to a solution. 
When assessing whether to repair a part, consider the cost of the part and the cost 
of your time to perform the repair. In many circumstances, replacement is the most 
effective option. 

* Know when to give up!—you will not always be able to fix the problem yourself. Be 
prepared to pass the problem on rather than wasting the customer's time! 


PROBLEM IDENTIFICATION 


When troubleshooting, unless the problem is very simple, it is best to work 
methodically to ensure that you diagnose the correct problem and choose the best 
way to resolve it. 


The traditional method for problem solving is to find the cause of the problem and 
then to seek to remove or resolve that cause. If you switch your television on and the 
screen remains dark, you would seek out the cause and then remove it. Finding the 
actual cause may involve identifying several possible causes and then checking them 
out one by one to determine a probable cause. If your television stops working, you 
could ask yourself, "Is the problem in the television?", "Has the fuse blown?", "Is there a 
problem at the broadcasting station rather than with my television?". With all problems 
we run through a list of possibilities before making a decision. The trick is to do this 
methodically (so that possible causes are not overlooked) and efficiently (so that the 
problem can be solved quickly). 


Troubleshooting is not just a problem-solving process, though. It requires effective 
decision-making. Sometimes there is no simple solution to a problem. There may be 
several solutions and which is best might not be obvious. An apparent solution might 
solve the symptoms of the problem but not the cause. A solution might be impractical 
or too costly. Finally, a solution might be the cause of further problems, which could be 
even worse than the original problem. 


BE PREPARED 


Before you visit a user or customer to fix a problem, ensure that you have all the 
necessary hardware and software tools, documentation, and any other information 
you may need to avoid repeated and unnecessary trips between your office and the 
customer's location. 


If you are instructing a user over the phone or by email, make sure you offer clear, 
concise, and accurate instructions. 


If troubleshooting requires that the system be taken offline, make sure that this is 
scheduled appropriately and sensitively. Remember that troubleshooting may involve 
more than fixing a particular problem; it is about maintaining the resources that users 
need to do their work. 


PERFORM BACKUPS 


Consider the importance of data stored on the local computer when performing 
troubleshooting or maintenance. Check when a backup was last made. If a backup has 
not been made, perform one before changing the system configuration, if at all 
possible. The simplest way of making a backup before troubleshooting is to use drive 
imaging software. 


QUESTION THE USER 


The first report of a problem will typically come from a user or another technician, and 
they will be one of the best sources of information, if you can ask the right questions. 
Before you begin examining settings in Windows or taking the PC apart, spend some 
time gathering as much information as you can about the problem. Ensure you ask the 
user to describe all of the circumstances. Some good questions to ask include: 


* What are the exact error messages appearing on the screen or coming from the 
speaker? Remember that the error could reveal a symptom, not a cause. 

* Has anyone else experienced the same problem? 

* How long has the problem been occurring? 

* What changes have been made recently to the system? Were these changes 
initiated by you, or via another support request? 
The latest change to a system is very often the cause of the problem. If something 
worked previously, then excepting mechanical failures, it is likely that the problem 
has arisen because of some user-initiated change or some environmental or 
infrastructure change. If something has never worked, a different approach is 
required. 

* Has anything been tried to solve the problem? 


SOURCES OF INFORMATION 


Of course, you cannot always rely on the user to let you know everything that has 
happened. To diagnose a problem, you may also need to use the following techniques: 


* Make a physical inspection—look and listen. You may be able to see or hear a fault 
(scorched motherboard, "sick"-sounding disk drive, no fan noise, and so on). 

* If the symptoms of the problem are no longer apparent, a basic technique is to 
reproduce the problem—that is, repeat the exact circumstances that produced the 
failure or error. Some problems are intermittent, though, which means that they 
cannot be repeated reliably. Issues that are transitory or difficult to reproduce are 
often the hardest to troubleshoot. 

* Check system and application logs or diagnostic software for information. 

* Check the system documentation, such as installation or maintenance logs, for 
useful information. 

* Consult any other technicians that might have worked on the system recently or 
might be working at the moment on some related issue. Consider that 
environmental or infrastructure changes might have been instigated by a different 
group within the company. Perhaps you are responsible for application support and 
the network infrastructure group has made some changes without issuing proper 
notice. 


DETERMINATION OF PROBABLE CAUSES 


If you obtain accurate answers to your initial questions, you will have determined the 
severity of the problem (how many are affected), a rough idea of where to look 
(hardware or OS for instance), and whether to look for a recent change or an oversight 
in configuration. 


You diagnose a problem by identifying the symptoms. From knowing what causes such 
symptoms, you can consider possible causes to determine the most probable cause and 
then devise tests to show whether it is the cause or not. Sometimes symptoms derive 
from more than one cause; while this type of problem is rarer, it is much harder to 
troubleshoot. A computer system comprises a number of components. Fault finding 
needs to identify which component is faulty. 


QUESTIONING THE OBVIOUS 

There are two good ways to consider a computer problem systematically: 

* Step through what should happen, either yourself or by observing the user, and 
identify the point at which there is a failure or error. 

* Work up or down layers—for example, power, hardware components, drivers/ 
firmware, software, network, user actions. 


With either approach, do not overlook the obvious—sometimes seemingly intractable 
problems are caused by the simplest things. 


Note: A basic technique when troubleshooting a cable, connector, or device is to have a 
"known good" duplicate on hand. This is another copy of the same cable or device that 
you know works that you can use to test by substitution. This approach very quickly 
identifies "non-causes." 


Unless a problem is trivial, break the troubleshooting process into compartments or 
categories. If you can isolate your investigation to a particular subsystem by 
eliminating "non-causes," you can troubleshoot the problem more quickly. For 
example, when troubleshooting a PC, you might work as follows: 

1. Decide whether the problem is hardware or software related (Hardware). 

2. Decide which hardware subsystem is affected (Disk). 

3. Decide whether the problem is in the disk unit or connectors and cabling 
(Connector). 

4. Test your theory. 


When you have drilled down like this, the problem should become obvious. Of course, 
you could have made the wrong choice at any point, so you must be prepared to go 
back and follow a different path. 


Note: If you are really unlucky, two (or more) components may be faulty. Another 
difficulty lies in assessing whether a component itself is faulty or whether it is not working 
because of a related component. 


RESEARCHING THE PROBLEM 


One of the most useful troubleshooting skills is being able to do research; to find 
information quickly. Learn to use web and database search tools so that you can locate 
information that is relevant and useful. Identify different knowledge sources available 
to you. Consider both internally available documentation and problem logs and 
external support resources, such as vendor support or forums. 


RE-ESTABLISHING A NEW THEORY 

If your theory is not proven by the tests you make or the research you undertake, you 
must establish a new theory. If one does not suggest itself from what you have 
discovered so far, there may be more lengthy procedures you can use to diagnose a 
cause—remember to assess business needs before embarking on very lengthy and 
possibly disruptive tests. Is there a simpler workaround that you are overlooking? 


If a problem is particularly intractable, you can do the reverse of the above process 
and take the system down to its base configuration (the minimum needed to run). 
When (if) this is working, you can then add peripherals and devices or software 
subsystems one-by-one, testing after each, until eventually the problem is located. This 
is time-consuming, but may be necessary if nothing else is providing a solution. 


PROBLEM ESCALATION 


Be aware that you may not have all the answers all the time. Consider consulting your 
colleagues, Internet discussion groups, or manufacturers’ help lines. This will not only 
help you to solve the problem more quickly or identify a better solution than you had 
considered yourself, but will also increase your knowledge and experience. 


If you cannot solve a problem yourself, it is better to escalate it than to waste a lot of 
time trying to come up with an answer. Formal escalation routes depend on the type of 
support service you are operating and the terms of any warranties or service contracts 
that apply. Some obvious escalation routes include: 


* Senior staff/Knowledge Experts/Subject Matter Experts/technical staff/developers/ 
programmers/administrators within your company. 

* Suppliers and manufacturers—warranty and support contracts and helplines or 
web contact portals. 

* Other support contractors/consultants, websites, and social media. 


Choosing whether to escalate a problem is complex as you have to balance the need to 
resolve a problem in a timely fashion with what might be additional costs and the 
burdens/priorities that senior staff are already coping with. You should be guided by 
policies and practices in the company you work for. When you escalate a problem, 
make sure that what you have found out or attempted so far is documented. Failing 
that, describe the problem clearly to whoever is taking over or providing you with 
assistance. 


If you are completing troubleshooting steps under instruction from another technician 
—the vendor's support service, for instance—make sure you properly understand the 
steps you are being asked to take, especially if it requires disassembly of a component 
or reconfiguration of software that you are not familiar with. 


SOLUTION IMPLEMENTATION AND TESTING 


If you have established and tested a theory of cause, it should be apparent what steps 
are required to resolve the issue. There are typically three solutions to an IT problem: 


* Repair—you need to determine whether the cost of repair makes this the best 
option. 

* Replace—often more expensive and may be time-consuming if a part is not 
available. There may also be an opportunity to upgrade the part or software. 

* Workaround—as any software developer will tell you, not all problems are critical. If 
neither repair nor replacement is cost-effective, it may be best either to find a 
workaround or just to document the issue and move on. 


Note: If a part or system is under warranty, you can return the broken part for a 
replacement. To do this, you normally need to obtain a Returned Materials Authorization 
(RMA) ticket from the vendor. 


When you consider solutions, you have to assess the cost and time required. Another 
consideration is potential effects on the rest of the system that your plan of action may 
have and whether you have authorization to proceed. A typical example is applying a 
software patch, which might fix a given problem but cause other programs not to 
work. This is where an effective change and configuration management system comes 
into play, as it should help you to understand how different systems are 
interconnected and cause you to seek the proper authorization for your plan. 


IMPLEMENT THE SOLUTION 


If you do not have authorization to implement a solution, you will need to escalate the 
problem to more senior personnel. If applying the solution is disruptive to the wider 
network or business, you also need to consider the most appropriate time to schedule 
the reconfiguration work and plan how to notify other network users. When you make 
a change to the system as part of implementing a solution, test after each change. If 
the change does not fix the problem, reverse it and then try something else. If you 
make a series of changes without recording what you have done, you could find 
yourself in a tricky position. 


VERIFICATION AND DOCUMENTATION 


When you apply a solution, test that it fixes the reported problem and that the system 
as a whole continues to function normally. Tests could involve any of the following: 


* Trying to use a component. 

* Substituting the component for a "known good" one. 

* Inspecting a component to see whether it is properly connected or damaged or 
whether any status or indicator lights show a problem. 

* Disabling or uninstalling the component (if it might be the cause of a wider 
problem). 

* Consulting documentation and software tools such as Device Manager to confirm a 
component is configured properly. 

* Updating software or a device driver. 


Before you can consider a problem closed, you should both be satisfied in your own 
mind that you have resolved it and get the customer's acceptance that it has been 
fixed. Restate what the problem was and how it was resolved, then confirm with the 
customer that the incident log can be closed. 


PREVENTIVE MEASURES 


To fully solve a problem, you should try to eliminate any factors that could cause the 
problem to reoccur. For example, if the power cable on a PC blows a fuse, you should 
not only replace the fuse, but also check to see if there are any power problems in the 
building that may have caused the fuse to blow in the first place. If a computer is 
infected with a virus, ensure that the antivirus software is updating itself regularly and 
users are trained to avoid malware risks. 


DOCUMENT FINDINGS, ACTIONS, AND OUTCOMES 


Most troubleshooting takes place within the context of a ticket system. This shows who 
is responsible for any particular problem and what its status is. This gives you the 
opportunity to add a complete description of the problem and its solution (findings, 
actions, and outcomes). 


This is very useful for future troubleshooting, as problems fitting into the same 
category can be reviewed to see if the same solution applies. Troubleshooting steps 
can be gathered into a "Knowledge Base" or Frequently Asked Questions (FAQ) of 
support articles. It also helps to analyze IT infrastructure by gathering statistics on what 
types of problems occur and how frequently. 


The other value of a log is that it demonstrates what the support department is doing 
to help the business. This is particularly important for third-party support companies, 
who need to prove the value achieved in service contracts. When you complete a 
problem log, remember that people other than you may come to rely on it. Also, logs 
may be presented to customers as proof of troubleshooting activity. Write clearly and 
concisely, checking for spelling and grammar errors. 


Activity 11-2 


Discussing Troubleshooting Methodology 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. You are dealing with a support request and think that you have identified the 
probable cause of the reported problem. 


What should be your next troubleshooting step? 


2. If you have to open the system case to troubleshoot a computer, what 
should you check before proceeding? 


3. You receive a support call from a user. 


What should be your first troubleshooting step? 


4. Why does it help to categorize a problem when troubleshooting? 


5. If another technician says to you, "We'll have to strip this back to base?", 
what do they mean, and at which specific step of troubleshooting are you 
likely to be? 


6. What should you do if you cannot determine the cause of a problem? 


7. You think you have discovered the solution to a problem in a product Knowledge 
Base, and the solution involves installing a software patch. 


What should be your next troubleshooting step? 


8. After applying a troubleshooting repair, replacement, or upgrade, what 
should you do next? 


9. What is the last step in the best practice methodology for troubleshooting 
and how might it be implemented? 


Topic C 


Use Windows Features and Tools 


EXAM OBJECTIVES COVERED 
1002-1.4 Given a scenario, use appropriate Microsoft command line tools. 
1002-1.5 Given a scenario, use Microsoft operating system features and tools. 
1002-1.6 Given a scenario, use Microsoft Windows Control Panel utilities. 
1002-2.6 Compare and contrast the differences of basic Microsoft Windows OS security 
settings. 


As an administrator, you will manage the computer through a graphic user interface 
(GUI) for some tasks and through a command line interface for others. In this topic, 
you will examine some of the administrative tools and utilities for Windows computers. 


When you configure or troubleshoot a computer, you need to do so with an account 
that has sufficient privileges to make major changes to OS settings and files. If 
misused, these privileges could be a significant threat to the security of the computer 
system and network. In this topic, you will also learn how to exercise administrative 
privileges safely. 


WINDOWS SETTINGS AND CONTROL PANEL 


Many tools are used to configure Windows settings and hardware devices. Some of the 
tools are accessible to ordinary users; others need administrative privileges to run. 


CONTROL PANEL 


In Windows 7, the Control Panel is the best place to start configuring your system. The 
icons in the Control Panel represent applets used to configure a part of the system. 


Windows 7 Control Panel showing 1) Task groups; 2) Configuration applets; 3) Navigation breadcrumb; 
4) Search box. (Screenshot used with permission from Microsoft.) 


Most applets are added by Windows but some software applications, such as antivirus 
software, add their own applets. Configuration information entered via Control Panel is 
ultimately stored in the Windows registry database. 


You can access Control Panel through the Start Menu. In addition, certain applets are 
accessible by viewing object properties straight from the desktop or from Explorer. 


Control Panel applets are arranged by category by default, although you can display 
"All items" via the breadcrumb or the "View by" menu. Note that options with the shield 
icon on or next to them will require you to authorize use of the command through 
User Account Control (UAC). 


WINDOWS SETTINGS 


Windows Settings is a touchscreen-enabled "app" interface for managing a Windows 
10 computer. 


Windows Settings app. (Screenshot used with permission from Microsoft.) 


Most of the standard Windows 10 configuration settings can be located within 
Windows Settings, but not all of them. Some options are still configured via Control 
Panel. Each Windows 10 feature update tends to move more configuration options 
from Control Panel to Windows Settings, though. 


Note: In Windows 8, this app is referred to as "PC Settings" and is accessed via the 
Charms bar. 


USER ACCOUNTS 


A user account is the principal means of controlling access to computer and network 
resources and rights or privileges. Resources include access to files, folders, or 
printers; rights or privileges refers to the ability to make configuration changes or 
read/modify a data file. Each resource is configured with an access list, which is a list of 
users and their permissions for that resource. 

A user account is protected by authenticating the account owner—making them 
provide some data that is known or held only by them. 


Each user account is also associated with a profile, stored in a subfolder of the Users 
folder. The profile contains per-user registry settings (ntuser.dat) and the default 
document folders. Software applications might also write configuration information to 
the profile. 


ADMINISTRATOR AND STANDARD USER ACCOUNTS 


When the OS is first installed, the account created or used during setup is a powerful 
local administrator account. The account is assigned membership of the local 
Administrators group. Generally speaking, you should only use this account to manage 
the computer—install applications and devices, perform troubleshooting, and so on. 


You should create ordinary user accounts for day-to-day access to the computer. This 
is done by putting additional users of the computer in the Standard users group. 
Standard users cannot change the system configuration and are restricted to saving 
data files within their own user profile folder or the Public profile. For example, a user 
named David with standard privileges could save files only within C:\Users\David or 
C:\Users\Public. Administrators can access any folder on the computer. 


Note: Windows protects system folders from non-root administrative users. These folders 
are owned by a system account (such as TrustedInstaller). This provides more 
protection against malware and misconfiguration. It is possible for any administrator 
account to take ownership of a system folder and override these protections, though. 


USER ACCOUNT MANAGEMENT 

The User Accounts applet in Control Panel allows users to manage their accounts. 
Users can manage local and network passwords and choose a picture to represent 
them on the log on screen. 

User Accounts applet in Windows 7. (Screenshot used with permission from Microsoft.) 


Administrators can create and delete accounts or change the type of account (between 
administrator and user). 


LOCAL AND MICROSOFT ACCOUNTS 


In Windows 8 and Windows 10, the User Accounts applet is still present and can still 
be used to change an account name or type, but it cannot be used to create new 
accounts. That function, plus most other account functions, is performed in the 
Accounts section of Windows Settings. Windows 8/10 accounts can either be local 
accounts (like Windows 7 user accounts) or linked to a Microsoft account, which gives 
access to Microsoft's cloud services and syncs desktop settings across multiple devices. 



Creating a new account. (Screenshot used with permission from Microsoft.) 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Create a User Account in Windows 10. 


UAC 


User Account Control (UAC) is a solution to the problem of elevated privileges. In 
order to change important settings on the computer, such as installing drivers or 
software, administrative privileges are required. Previous versions of Windows made 
dealing with typical administrative tasks as an ordinary user very difficult, meaning that 
most users were given administrative privileges as a matter of course. This made the 
OS more usable but it also made it much more vulnerable, as any malicious software 
infecting the computer would run with the same administrative privileges. 


UAC SECURE DESKTOP 

Accounts with administrative privileges are mediated by UAC. UAC counters the 
problem of escalated privileges by first extending some system privileges to ordinary 
users but then running accounts in a sandbox mode. Tasks that require UAC are 
shown with a Security Shield icon. 



Security Shield icon showing that changing this setting will require UAC authorization. (Screenshot 
used with permission from Microsoft.) 


When a user needs to exercise administrative rights, she or he must explicitly confirm 
use of those rights: 

* If the logged in account has standard privileges, an administrator's credentials must 
be entered via the authorization dialog box. 

* If the logged in account is already an administrator, the user must still click through 
the authorization dialog box. 

The desktop darkens into a special secure desktop mode to prevent third-party 
software from imitating the authorization dialog box. 

UAC requiring confirmation of the use of administrator privileges. This account is an administrator so 
only a confirmation is required—no credentials have to be supplied. (Screenshot used with permission 
from Microsoft.) 


CONFIGURING UAC 

UAC protects the system from malware running with elevated administrator privileges. 
This is a good thing, but if you need to perform numerous system administration tasks 
at the same time, UAC can prove frustrating. You can configure UAC notifications to 
appear more or less frequently by using the configuration option in the User Accounts 
applet. 

Configuring UAC notifications. (Screenshot used with permission from Microsoft.) 
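
The notification level chosen in the User Accounts applet is stored in the registry, so it can be checked on a machine without opening Control Panel. The PowerShell below is an added example, not part of the course material: the key path and the value names EnableLUA, ConsentPromptBehaviorAdmin, and PromptOnSecureDesktop do not appear in the course text (they are the standard Windows UAC policy values), and the function names are hypothetical.

```powershell
# Added example: audit the UAC configuration and the elevation state of this session.
# Read-only; it can be run from an ordinary (non-elevated) PowerShell prompt.

$policyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacLevel {
    # Translate the three policy values into the slider position they represent.
    param(
        [int]$EnableLUA,
        [int]$ConsentPromptBehaviorAdmin,
        [int]$PromptOnSecureDesktop
    )
    if ($EnableLUA -eq 0) { return 'UAC disabled' }
    switch ("$ConsentPromptBehaviorAdmin/$PromptOnSecureDesktop") {
        '2/1'   { return 'Always notify' }
        '5/1'   { return 'Default (notify only when programs try to make changes)' }
        '5/0'   { return 'Notify only when programs try to make changes, desktop not dimmed' }
        '0/0'   { return 'Never notify' }
        default { return 'Custom policy (does not match a slider position)' }
    }
}

function Test-SessionElevated {
    # True only when the current token has the Administrators group enabled,
    # that is, after "Run as administrator" and a confirmed UAC prompt.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-UacAudit {
    $p = Get-ItemProperty -Path $policyKey -ErrorAction Stop

    # A value that is not set is reported as such rather than guessed.
    $names   = 'EnableLUA', 'ConsentPromptBehaviorAdmin', 'PromptOnSecureDesktop'
    $missing = @($names | Where-Object { $null -eq $p.$_ })
    if ($missing.Count -gt 0) {
        $level = "Unknown (value not set: $($missing -join ', '))"
    } else {
        $level = Get-UacLevel -EnableLUA $p.EnableLUA `
            -ConsentPromptBehaviorAdmin $p.ConsentPromptBehaviorAdmin `
            -PromptOnSecureDesktop $p.PromptOnSecureDesktop
    }

    $elevated = Test-SessionElevated
    $findings = @()
    if ($p.EnableLUA -eq 0) {
        $findings += 'UAC is off: administrator processes run elevated without any prompt.'
    }
    if ($p.ConsentPromptBehaviorAdmin -eq 0) {
        $findings += 'Administrators are elevated silently, with no confirmation dialog.'
    }
    if ($p.PromptOnSecureDesktop -eq 0) {
        $findings += 'Secure desktop is off: the prompt is not isolated from other software.'
    }
    if ($elevated) {
        $findings += 'This session is elevated; close it when the administrative task is done.'
    }
    if ($findings.Count -eq 0) { $findings += 'No weak settings found.' }

    [pscustomobject]@{
        UacLevel        = $level
        SecureDesktop   = ($p.PromptOnSecureDesktop -eq 1)
        SessionElevated = $elevated
        Findings        = $findings
    }
}

Get-UacAudit | Format-List
```

Running it from a normal prompt and again from a prompt opened with Run as administrator shows SessionElevated change while the UAC level stays the same.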


ADMINISTRATIVE TOOLS 


One of the options in Control Panel is the Administrative Tools shortcut. 



Administrative Tools in Windows 7. (Screenshot used with permission from Microsoft.) 

Administrative Tools contains several shortcuts, giving you the ability to define and 
configure various advanced system settings and processes. There are also tools to 
assist with troubleshooting the system. 


DEFAULT MICROSOFT MANAGEMENT CONSOLES 

Administrative Tools is a collection of pre-defined Microsoft Management Consoles 
(MMCs). Each console contains one or more snap-ins that are used to modify various 
settings. The principal consoles are: 


* Component Services—enables you to register new server applications or 
reconfigure security permissions for existing services. 

* Computer Management—the default management console with multiple snap-ins 
to configure local users and groups, disks, services, devices, and so on. 

* Data Sources—control connections to databases set up on the local computer. 

* Event Viewer—allows monitoring of Windows logs. System, security, and 
application events are recorded in these logs. There are also application- and 
service-specific logs. 

* Local Security Policy—allows you to view and edit the current security policy. A 
computer that is a member of a domain will have the security settings defined in 
the domain security policy. 

* Print Management—set properties and monitor local printers and manage printer 
sharing on the network. 

* Reliability and Performance Monitoring—view the performance of the local 
computer. 

* Services—start, stop, and pause services. 

The default Computer Management console in Windows 10 with the configuration snap-ins shown 
on the left. (Screenshot used with permission from Microsoft.) 


Note: Windows 10 adds quite a few more shortcuts under Administrative Tools, including 
Disk Cleanup, System Configuration, System Information, and Task Scheduler. 


MMC CUSTOMIZATION 

As well as using the default consoles, you may find it useful to create your own. 
Consoles can be configured for each administrator and the details saved as a file with 
an MSC extension in their Start Menu folders. 


Note: Most MMC snap-ins can be used to manage either the local computer or a remote 
computer (a computer elsewhere on the network). 

Adding a Snap-in in Windows 7. (Screenshot used with permission from Microsoft.) 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Create Custom MMCs in Windows. 


ACCESS OPTIONS FOR SYSTEM TOOLS 


Control Panel and Administrative Tools contain most of the shortcuts for the system 
features, but there are other ways of accessing key tools. 


COMPUTER/THIS PC 

The Computer object (renamed This PC in Windows 8/10) provides access to your 
local drives, printers, and any network drives that have been mapped. To browse 
resources, open Computer/This PC then the icon that represents the resource you 
want to view. 

By right-clicking the icon itself and selecting the Properties option from the menu, you 
can access System properties. You can also right-click and select Manage to open the 
default Computer Management console. 


WinX/POWER USERS MENU 

Pressing Windows+X or right-clicking the Start button shows a shortcut menu 
including Control Panel, Windows Settings, and File Explorer, but also management 
utilities such as Device Manager, Computer Management, Command Prompt, and 
Windows PowerShell®. 

Windows 10 WinX menu (right-click the Start button). (Screenshot used with permission from 
Microsoft.) 


Note: Contents of the WinX menu do change frequently. For example, the Control Panel 
link is no longer included in Windows 10 (1803). 


INSTANT SEARCH BOX AND RUN COMMAND 

The Instant Search box on the Start Menu/Start Screen will execute programs and 
configuration options using simple names. You can open any file or program by 
pressing the Windows key then typing the path to the file. In the case of registered 
programs and utilities, you simply need to type the program file name or utility name. 


Alternatively, you can access the Run dialog box using Windows+R or entering run 
into the search box. 



Run dialog box. (Screenshot used with permission from Microsoft.) 

Note: The run command is useful if you want to execute a program with switches that 
modify the operation of the software. For example, Microsoft Office programs can be 
executed using safe mode switches for troubleshooting. 


.MSC EXTENSIONS AND THE RUN LINE 


There are several management consoles that you can access via the Run line by using 
the .MSC extension. For example: 


* devmgmt.msc opens the Device Manager console. 
* diskmgmt.msc opens the Disk Management console. 
* compmgmt.msc opens the Computer Management console. 


COMMAND LINE TOOLS 


Most configuration of Windows can be done via convenient GUI tools, such as the 
management consoles and Control Panel. In some circumstances, though, it is 
necessary to use a command prompt to configure or troubleshoot a system. As you 
learn the commands, you may also find it quicker to use the command shell for actions 
such as file management. Learning commands is also valuable if you have to write 
scripts to automate Windows. 


COMMAND PROMPT 

You can run any command from the Run dialog box. However, to input a series of 
commands or to view output from commands, you need to use the command shell 
(cmd.exe). To open the prompt, type cmd in the Run dialog box or Instant Search 
box. 


Note: Alternatively, you can type command to achieve the same thing. This used to be 
specifically a DOS command interpreter, but now just links to cmd.exe. 


You may need to run the command prompt with elevated privileges in order to 
execute a command. If a command cannot be run, the error message "The requested 
operation requires elevation" is displayed. 



Trying to run a command that requires elevation. You must open a new command prompt window as 
administrator. (Screenshot used with permission from Microsoft.) 


You cannot continue within the same window. You need to open a new command 
prompt as administrator. Right-click the command prompt shortcut and select Run as 
administrator then confirm the UAC prompt. Alternatively, type cmd in the Instant 
Search box then press Ctrl+Shift+Enter. 

Opening an elevated command prompt. (Screenshot used with permission from Microsoft.) 


When run as administrator, the title bar shows "Administrator: Command Prompt" and 
the default folder is C:\Windows\System32 rather than C:\Users\Username. 



Elevated command prompt. (Screenshot used with permission from Microsoft.) 


Note: You can use this technique to open other utilities, such as Explorer or Notepad, 
with administrative privileges. 


COMMAND SYNTAX 


To run a command, type it at the prompt (>) using the command name and any 
switches and arguments using the proper syntax. When you have typed the command, 
press Enter to execute it. 

The syntax of a command lists which arguments you must use (plus ones that are 
optional) and the effect of the different switches. Switches are usually preceded by the 
forward slash escape character. 


Note: If an argument includes a space, it may need to be entered within quotes ("..."). 

As you enter commands, the prompt fills up with text. If this is distracting, you can use 
the cls command to clear the screen. 


Some commands, such as nslookup or telnet, can operate in interactive mode. 
This means that using the command starts that program and from that point, the 
prompt will only accept input relevant to the program. To exit the program you use the 
exit or quit command (or press Ctrl+C). The exit command will close the cmd 
window if not used within an interactive command. 


GETTING HELP 

The command prompt includes a rudimentary help system. If you type help at the 
command prompt then press Enter, a list of available commands is displayed. If you 
enter help CommandName, help on that command is displayed, listing the syntax 
and switches used for the command. You can also display help on a particular 
command by using the /? switch (for example, netstat /? displays help on the 
netstat command). 


Help on the netstat command. (Screenshot used with permission from Microsoft.) 


TEXT EDITORS 


Many files used by the operating system and applications are in a binary file format 
that can only be interpreted by the application. A plain text file can be modified in any 
text editor, but if it is saved through an application other than a basic text editor, it 
could be converted to a binary format and so become unusable. Windows supplies the 
basic text editor Notepad to modify text files. There are many third-party alternatives 
with better features, however. 


RUN COMMAND 


You can also execute commands from Instant Search or from the Run dialog box. If a 
command is interactive, it will open a command prompt window for input. If a 
command is non-interactive, the command prompt window will open briefly and close 
again as the command executes. If you want to force a command into interactive 
mode, use the cmd /k keyword before the command (for example, cmd /k ipconfig). 


WINDOWS SHUTDOWN OPTIONS 


When the user wants to finish using Windows, simply disconnecting the power runs a 
risk of losing data or corrupting system files. There are various choices for closing or 
suspending a session: 


* Shut down (/s)—close all open programs and services before powering off the 
computer. The user should save changes in any open files first but will be prompted 
to save any open files during shut down. 

* Standby/Sleep—save the current session to memory and put the computer into a 
minimal power state. 

* Hibernate (/h)—save the current session to disk before powering off the computer. 

* Log off (/l)—close all open programs and services started under the user account 
but leave the computer running. 

* Switch user—log on to another user account, leaving programs and files under the 
current account open. 

* Lock—secure the desktop with a password while leaving programs running. 

* Restart (/r)—close all open programs and services before rebooting without 
powering down. This is also called a soft reset. 


These options can be selected from the Start Menu/Start Screen or by pressing Ctrl 
+Alt+Del. 



Options on the Windows 7 power button. (Screenshot used with permission from Microsoft.) 


Note: One of the "quirks" of Windows 8.0 was the lack of an obvious way to select the 
Shut Down command. Microsoft expected users to just use the physical power button, 
which on a modern computer invokes a shut down command (soft power) rather than a 
hard reset (unless you keep the power button pressed down). Users were reluctant to 
adopt this method, no doubt following years of IT departments telling them not to turn 
off a computer that way. The power options in Windows 8.0 are accessed via the Charms 
bar. The Start button and a power button on the Start Screen were returned in 8.1. In 
Windows 10, it appears right above the Start button, where no one can miss it. 

The computer can also be shut down at a command prompt by using the shutdown 
command plus the relevant switch (shown in the previous figure). If a shutdown is in 
progress, shutdown /a aborts it (if used quickly enough). The /t nn switch can 
be used to specify delay in seconds before shutdown starts; the default is 30 seconds. 


THE WINDOWS REGISTRY 


The Windows registry provides a remotely accessible database for storing operating 
system, device, and software application configuration information. When you boot a 
Windows machine, the registry is populated with information about hardware detected 
in your system. During boot, Windows extracts information from the registry, such as 
which device drivers to load and in what order. Device drivers also send and receive 
data from the registry. The drivers receive load parameters and configuration data. 
Finally, whenever you run a setup program or configure the system via Control Panel/ 
Settings or Administrative Tools, it will add or change data in the registry. 


The registry does have a dedicated tool called regedit for direct editing, but it is not 
the tool you would use on an everyday basis to modify configuration data. Control 
Panel/Settings and Administrative Tools are better options for most tasks. 


REGISTRY STRUCTURE 


The registry is structured as a set of five root keys that contain computer and user 
databases. The computer database includes information about hardware and software 
installed on the computer. The user database includes the information in user profiles, 
such as desktop settings, individual preferences for certain software, and personal 
printer and network settings. 


Root Key Name          Description 

HKEY_LOCAL_MACHINE     Hardware information such as bus type, system memory, 
                       device drivers, and startup control data. HKLM also 
                       contains the Security Accounts Manager (SAM) password 
                       file (not viewable) and system-wide software settings. 

HKEY_CLASSES_ROOT      Object Linking And Embedding (OLE) and file association 
                       data. 

HKEY_CURRENT_USER      Contains the profile for the user who is currently logged 
                       on, including environment variables, desktop settings, 
                       network connections, printers, and application 
                       preferences. 

HKEY_USERS             Contains all actively loaded user profiles, including 
                       HKEY_CURRENT_USER, which always refers to a child of 
                       HKEY_USERS, and the default profile. 

HKEY_CURRENT_CONFIG    Contains system and software configuration information 
                       specific to this session. 


SUBKEYS AND VALUES 


Each root key can contain subkeys and data items called value entries. Subkeys are 
analogous to folders and the value entries are analogous to files. A value entry has 
three parts: the name of the value, the data type of the value, and the value itself. The 
following table lists the different data types. 


Data Type        Description 

REG_BINARY       Raw binary data. Most hardware component information 
                 is stored as binary data and displayed in hex format. 

REG_DWORD        Data represented by a 4-byte number. Many parameters 
                 for device drivers and services are this type and can be 
                 displayed in binary, hex, or decimal format. 

REG_SZ           A string or sequence of characters representing human- 
                 readable text. 

REG_MULTI_SZ     A multiple string. Values that contain lists or multiple text 
                 values are usually this type. Entries are separated by NULL 
                 characters. 

REG_EXPAND_SZ    An expandable data string, which is text that contains a 
                 variable to be replaced when called by an application. For 
                 example, the string %SystemRoot% would be replaced by 
                 the actual location of the folder containing the Windows 
                 system files. 


REGISTRY DATABASE FILES 

The registry database is stored in binary files called hives. A hive comprises a single file 
(with no extension), a .LOG file (containing a transaction log), and a .SAV file (a copy of 
the key as it was at the end of setup). The system hive also has an .ALT backup file. 
Most of these files are stored in the %SystemRoot%\System32\Config folder, but hive 
files for user profiles are stored in the folder holding the user's profile. The following 
table shows the standard hives. 


Hive                           Files 

HKEY_CURRENT_CONFIG            system, system.alt, system.log, system.sav 
HKEY_CURRENT_USER              ntuser.dat, ntuser.dat.log 
HKEY_LOCAL_MACHINE\SAM         sam, sam.log, sam.sav 
HKEY_LOCAL_MACHINE\SECURITY    security, security.log, security.sav 
HKEY_LOCAL_MACHINE\SOFTWARE    software, software.log, software.sav 
HKEY_LOCAL_MACHINE\SYSTEM      system, system.alt, system.log, system.sav 
HKEY_USERS\.DEFAULT            default, default.log, default.sav 
HKEY_CLASSES_ROOT              Not stored in a hive but built from the \SOFTWARE\CLASSES 
                               keys in CURRENT_USER and LOCAL_MACHINE 
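
The three parts of a value entry (name, data type, data) and the link between loaded hives and their files can be inspected read-only from PowerShell. This is an added example, not part of the course material: the function name Get-RegistryValueEntry is hypothetical, and the hivelist key it reads is a standard Windows key that the course text does not mention.

```powershell
# Added example: show value entries as name / data type / data without changing anything.

# Map .NET RegistryValueKind names to the REG_* data types used in the table above.
$typeNames = @{
    String       = 'REG_SZ'
    ExpandString = 'REG_EXPAND_SZ'
    MultiString  = 'REG_MULTI_SZ'
    DWord        = 'REG_DWORD'
    Binary       = 'REG_BINARY'
}

function Get-RegistryValueEntry {
    param([Parameter(Mandatory = $true)][string]$Path)

    $key = Get-Item -LiteralPath $Path -ErrorAction Stop
    foreach ($name in $key.GetValueNames()) {
        $kind = $key.GetValueKind($name).ToString()

        # Read the stored text as-is, so REG_EXPAND_SZ still shows its %Variable%.
        $raw = $key.GetValue($name, $null,
            [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames)

        $data = switch ($kind) {
            'Binary' {
                # Show at most the first 16 bytes in hex.
                $bytes  = @($raw)
                $shown  = $bytes | Select-Object -First 16 |
                    ForEach-Object { $_.ToString('X2') }
                $suffix = if ($bytes.Count -gt 16) { ' ...' } else { '' }
                ($shown -join ' ') + $suffix
            }
            'DWord'       { '{0} (0x{0:X8})' -f $raw }
            'MultiString' { $raw -join ' | ' }
            default       { "$raw" }
        }

        $typeLabel = if ($typeNames.ContainsKey($kind)) { $typeNames[$kind] } else { $kind }
        $nameLabel = if ($name -eq '') { '(Default)' } else { $name }

        [pscustomobject]@{
            Name = $nameLabel
            Type = $typeLabel
            Data = $data
        }
    }
}

# Per-user environment variables: TEMP and TMP are normally REG_EXPAND_SZ entries.
Get-RegistryValueEntry -Path 'HKCU:\Environment' | Format-Table -AutoSize

# Each value name here is a loaded hive; its data is the file that backs the hive.
Get-RegistryValueEntry -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\hivelist' |
    Format-Table -Wrap
```

Both keys are readable by a standard user, so no elevated prompt is needed to run it.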


EDITING THE REGISTRY 


You can start the Registry Editor by running regedit via Instant Search, the Run 
dialog box, or the command prompt. You can use it to view or edit the registry and to 
back up and restore portions of the registry. 


Use the Find tool (Ctrl+F) to search for a key or value. If you want to copy portions of 
the registry database and use them on other computers, select File—Export Registry 
File. The file will be exported in a registry-compatible format and can be merged into 
another computer's registry by double-clicking the file (or calling it from a script). 

Editing the registry. (Screenshot used with permission from Microsoft.) 


A registration file is a plain text file. If you merge changes from a .reg file back to the 
registry, additions that you have made to the registry will not be overwritten. 

Selecting a file format for exporting a registry key. (Screenshot used with permission from Microsoft.) 

Use the Registry Hive Files format to create a binary copy of that portion of the 
registry. Restoring from the binary file will remove any additions you made, as well as 
reversing the changes. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Edit the Windows Registry. 


Activity 11-3 


Discussing Windows Features and Tools 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. A user asks you how they can change Ease of Access settings. 


In which management interface(s) are these settings located in the different 
versions of Windows? 


2. You receive a call from a Windows 7 user who wants to "speed his computer up." 
After questioning him, you find that he is actually getting frustrated at having to 
click through UAC authorizations. He asks how to turn them off. 


Explain how this is done. Should you offer any other advice? 


3. True or false? Each version of Windows has an Administrative Tools shortcut 
folder in Control Panel. 


4. When would you use the mmc command? 


5. You are attempting to run a command but receive the message The requested 
operation requires elevation. 


What must you do to run the command? 


6. Why might you run the shutdown command with the /t switch? 


7. What tasks would you perform using the regedit tool? 


Activity 11-4 


Using Windows Features and Tools 


BEFORE YOU BEGIN 

The hands-on activities in this course use Virtual Machines (VMs) within the Hyper-V 
hypervisor. The VMs have been pre-installed on your HOST computer. Your instructor 
will explain how to sign-on to the HOST computer. 


If you are confident, try to complete the numbered steps independently. If you need 
guidance in completing a task, refer to the lettered sub-steps. 


SCENARIO 


In the first part of this activity, you will compare the desktop styles of Windows 10, 
Windows 7, and Windows 8.1. Think about which version you would recommend to a 
corporate client, based on ease of use. Later in the activity, you will identify the admin 
tools best suited to particular tasks and how to access them. 


Note: Activities may vary slightly if the software vendor has issued digital updates. Your 
instructor will notify you of any changes. 


1. Use Hyper-V Manager to start the PC1 VM and sign on using the account Admin 
and password Pa$$w0rd. 
a) Click in the Instant Search box and type hyperv. 
b) Select the icon for Hyper-V Manager in the search results. 
c) In the Virtual Machines panel, right-click PC1 and select Start. 
d) Double-click the VM to open the connection window. 

You can start, stop, or configure each VM through its own connection window in Hyper-V 
Manager. (Screenshot used with permission from Microsoft.) 

e) With the user name Admin shown, click in the box and type Pa$$w0rd and then press 
Enter to sign on. 

Windows 10 boots to the desktop. This is the default behavior for a PC (or VM). Tablet 
mode boots to the Start Screen. This mode is selected automatically on tablet 
hardware, or you can apply it using Notification icon—Tablet mode. 

f) On the taskbar, select the Notification icon to view the options. 
g) Select the Start button and explore the layout of the Start Screen. 

The first column contains shortcuts to frequently used settings and folder locations. 
The middle pane lists all apps installed on the computer. The last pane can be 
configured with app tile shortcuts and live tiles. 


2. Start the PC2 VM and sign on using the account Admin and Pa$$w0rd for the 
password. Compare the Windows 7 desktop to Windows 10. 
a) Select the Hyper-V Manager window. In the Virtual Machines panel, right-click PC2 
and select Start. Double-click the VM to open the connection window. 
b) Press Ctrl+Alt+End to show the sign-on screen. 

Note: When the mouse is within the VM window, keyboard commands work 
on the VM, not on the HOST. The only exception is that pressing Ctrl+Alt+Del 
while in the VM does send the command to the host, so in the VM, you need to 
press Ctrl+Alt+End in instances where you would normally press Ctrl+Alt+Del. 

c) Select Switch User, then select Other User to use a different account to the one 
shown initially. 
d) In the User name box, type .\Admin. Type Pa$$w0rd in the Password box and then 
press Enter. 

This VM is joined to a domain but the domain server is not started. Using .\ tells 
Windows to use a local account for authentication, rather than the domain server. 

e) Compare the Windows 7 desktop and taskbar to the Windows 10 desktop. 

On PC2, select the Start button and explore the layout of the Start Menu. Observe the 
links to the configuration applets and the shortcuts in the All Programs submenu. 


3. Start the Windows 8.1 VM and sign on with the same account details as you used 
previously. Compare the Windows 8.1 desktop to Windows 7 and Windows 10. 

a) Start the PC3 VM and open a connection window. 
b) Sign on to the Admin account using the Pa$$w0rd credential. 

This Windows 8.1 build boots to the Start Screen. Also, you might see a tip showing 
how to access the Charms bar. 

c) See if you can follow the tip instructions to show the Charms bar—move the cursor to 
the top-right corner of the connection window and then pull down. If you struggle 
with this, press Windows+C instead. 

d) From the Charms bar, select Settings. Note the Power icon. 

Later patches for Windows 8.1 include the Power icon at the top of the Start Screen. 

e) Press the Windows key to toggle between the Start Screen and desktop. 

f) With the desktop showing, right-click the taskbar and select Properties. Select the 
Navigation tab. Note the option to boot to the desktop rather than the Start Screen. 
Select Cancel. 

g) Show the Start Screen again. Move the mouse to the bottom of the window and 
select the arrow that appears. 

This shows all the apps installed on the computer. 

h) Examine some of the differences to Windows 10. 

In Windows 10, the account options and access to the power button and settings are 
more conveniently placed on the left of the Start Screen. It is also easier to browse 
the All Apps list. 


You won't use Windows 8.0 in these activities, but you should be aware that this 
version of Windows shipped without a Start button. 




This is the Windows 8.0 desktop—note the lack of a Start button. (Screenshot used with 
permission from Microsoft.) 


4. Use the Windows 10 VM to create a new standard user account. Sign on with the 
new account and try to escalate the account privileges to trigger a UAC prompt. 


a) Switch to the PC1 connection window. In the VM, select Start then select the Settings 
icon. 


b) Select Accounts—Other people—Add someone else to this PC. 


Note: In some builds of Windows 10, instead of Add someone else to this 
PC, you might see Family & other people. Selecting either of these options 
opens the same dialog box. 


c) Type the name Sam and the password Pa$$w0rd as requested. 


Caution: You are using the same weak password for every account in these 
activities. You must NEVER do this outside of a training environment. 


d) Input some text in response to the security questions. 


A real user would use these to recover a forgotten password, but it does not matter 
what you enter for this activity. 


e) Select Next to create the account. 


f) Select Start, then select the account icon and select Sign out. 

g) In the VM connection window, select View—Enhanced session. 

This setting needs to be turned off because of the security settings on the VM. 

h) Click to dismiss the privacy shade, and then select Other user. 

i) In the User name box, type .\Sam. Type Pa$$w0rd in the Password box and then 
press Enter. Wait while Windows configures the account profile. 

j) Press the Windows key, and then type control panel. Select Control Panel from the 
search results. 

k) In the Control Panel window, from the View by list box, select Small icons. Observe 
the full list of configurable applets. 

Windows 10 retains quite a few configuration settings in the Control Panel interface. 

l) Select User Accounts and then select Manage User Accounts. 

This triggers the UAC authorization dialog box and secure desktop. You must enter 
the credentials of an administrator account to continue. 

m) Select No. 


5. Open the default management console on the Windows 10 and Windows 7 VMs 
and compare them. Create a custom management console with the Certificates 
snap-in on the Windows 7 (PC2) VM. 

a) On the PC1 VM, right-click the Start button to show the WinX menu. This contains 
shortcuts to a selection of administrative tools. 

In this Windows 10 build (1803), shortcuts to the legacy command prompt and 
Control Panel are no longer present. 

b) Select Computer Management. 

This is the default management console. Amongst other things, you can use it to view 
logs, configure accounts, and manage devices, disks, and services. 

c) Switch to the PC2 VM and right-click the Start button. Notice that there is no WinX 
menu. Select Start instead, then right-click Computer and select Manage. 

Computer Management is almost identical between Windows 7 and Windows 10. 

d) Select Start, then type mmc and press Enter. Select Yes to accept the UAC 
authorization. 

Because you are signed in with an administrator account, you do not need to enter 
credentials. 

e) In the Console1 window, select File—Add/Remove Snap-in. 

f) Select Certificates and select the Add button. With My user account selected, select 
Finish. Select OK. 

g) Select File—Add/Remove Snap-in—Certificates—Add. This time, select Computer 
account and select Next. With Local computer selected, select Finish. Select OK. 

You have configured a console to use to manage digital certificates installed on the 
computer and under a user account. 

h) Select File—Save. Type Certificates and select Save. 

i) Close the console. 

j) Select Start—Control Panel. Compare the applets to those present in Windows 10. 


6. In Windows 7, open a command prompt and use the help, notepad, 
chkdsk, and shutdown commands. 

a) In the PC2 VM, select Start and then type cmd and press Enter. 

b) Type help and press Enter. Browse the list of supported commands. 

c) Right-click the title bar and select Edit—Select All. Press Enter. 

This copies the contents of the command window. 

d) Type notepad and press Enter. 

This opens the text editor utility in a new window. 

e) Press Ctrl+V to paste the command output into the Notepad window. 

f) Close the file, saving it as commands. 

g) Close the Notepad window. 

h) Back in the command prompt window, type cmd /? and press Enter. 

The syntax of the command interpreter is shown. 

i) Read a couple of pages, then press Ctrl+C to cancel and return to the prompt. 

j) Type chkdsk and press Enter. Note the error message. 

k) Select Start then type cmd and press Ctrl+Shift+Enter. Select Yes to confirm the 
UAC prompt. 

l) Type chkdsk and press Enter. 

This time, the command executes. 

m) Run the following command to restart the computer after a short delay: 

    shutdown /r /t 30 


7. The registry is a database of computer and user configuration settings. Usually 
changes are made by program installers and uninstallers and the Windows 
administrative tools, but in some circumstances you may need to make edits 
directly. Open the Registry Editor on the Windows 7 VM. 

a) Switch to the PC2 VM. If necessary, log in as Admin. Select Start, type regedit, then 
select the shortcut found in the results. Select Yes at the UAC prompt. 

You can now see the registry hives in the left-hand pane (there are five). 

b) Select the arrow next to HKEY_LOCAL_MACHINE to see its subkeys. Expand SYSTEM 
by selecting its arrow. You can see more than one control set. These are discrete 
configuration sets. Expand CurrentControlSet. 

This is the working configuration set. 


8. Back up a subkey, then modify a value and revert the change by using your 
backup file. 

a) In the Registry Editor, navigate to HKEY_CURRENT_USER—Control 
Panel—Desktop. This section of the registry contains per-user settings, stored in the 
account profile as NTUSER.dat. 

b) In the right panel, scroll down and locate the Wallpaper value. You can see that a 
wallpaper is currently set. 

c) From the Registry Editor menu, select File—Export. Verify that the Export range 
option is set to Selected branch and Save as type is set to Registration Files (the 
binary format). In the File Name text box, type backup and then select Save. 

You have saved the user's desktop settings to a REG file, including their wallpaper 
setting. 

d) Right-click the desktop and select Personalize. Select Desktop Background. From the 
Picture location list, select Solid color. Choose any color and then select Save 
changes. 

e) Switch to the Registry Editor and press F5 to refresh the data. The wallpaper value 
should now be blank. 

f) From the Registry Editor menu, select File—Import. Double-click the backup file. 

g) Select OK at the confirmation dialog box. 

h) Sign out and sign back in to verify that the original background has been restored. 


9. If you have time, explore the Settings app on Windows 10 and Windows 8.1. You 
do not need to look at every option—just try to form an understanding of the 
major headings and configuration pages. In Windows 10, focus on important 
sections, such as System, Devices, Network, and Update & Security. 


10. At the end of each activity, you need to close the VMs. You will always discard any 
changes you made. 

a) From the connection window, select Action—Revert. If prompted, select the Revert 
button to confirm. 

b) Repeat to revert the other VMs. 

Note: You can also revert each VM by using the Hyper-V Manager console. 
Right-click the VM and select Revert. At the end of the activity, the state of 
each VM should be listed as Off. 


Topic D 


Manage Files in Windows 


EXAM OBJECTIVES COVERED 

1002-1.4 Given a scenario, use appropriate Microsoft command line tools. 
1002-1.5 Given a scenario, use Microsoft operating system features and tools. 
1002-1.6 Given a scenario, use Microsoft Windows Control Panel utilities. 


1002-2.6 Compare and contrast the differences of basic Microsoft Windows OS security 
settings. 


File management is a critical part of using a computer. As a computer support 
professional, you will often have to assist users with locating files. You should also be 
familiar with the Windows system folders and know how to perform file management 
at the command prompt as well as the GUI. 


WINDOWS FILE AND FOLDER MANAGEMENT TOOLS 


File Explorer provides hierarchical access to the system objects, drives, folders, and 
files stored on the computer. Explorer enables you to open, copy, move, rename, view, 
and delete files and folders. 

Note: File Explorer was previously called "Windows Explorer." It is often just referred to 
as "Explorer," as the process is run from the file explorer.exe. 




File Explorer in Windows 10. (Screenshot used with permission from Microsoft.) 


Explorer appears as a two-paned window showing the hierarchical structure of your 
system. The left pane shows folders and the right pane shows the contents of the 
currently selected folder. Arrow symbols are used to indicate parts of the hierarchy 
that can be expanded or collapsed. 


Note: You can navigate the whole thing using the keyboard. Use Tab and Shift+Tab to 
switch between panes. Use the Up and Down arrows to move between folders and Left 
and Right arrows to expand and collapse trees. 


The basic principle is that ordinary users can write (save data files) only to their profile 
folders and a special public profile. All other areas of the file system are protected; 
accessible only to accounts with administrative privileges. 


SYSTEM HIERARCHIES IN WINDOWS VERSIONS 


In Windows, system objects are organized in a hierarchy. While the system objects 
themselves remain much the same, their exact name and place in the hierarchy 
changes from Windows version to Windows version. The basic purpose of the system 
objects is to mediate user access to personal files stored within their own folder plus 
local drives and network shares. 


WINDOWS 7 SYSTEM HIERARCHY 

In Windows 7, each profile folder contains subfolders for different types of files 
(documents, pictures, music, video, and so on). User access to the profile folder is 
largely mediated through the Libraries feature. Libraries are virtual folders that can 
represent content saved in different locations in the file system and on different file 
systems. For example, a documents library could show the contents of the user's 
documents folder and a USB drive. 




Windows 7 system objects. (Screenshot used with permission from Microsoft.) 


The Computer system object allows the user to explore the contents of any local drives 
attached to the PC. The Network and Homegroup objects show servers and their 
shared files and printers on the local network. Favorites is a place for users to add 
shortcuts to other folders or locations in the file system. 


WINDOWS 8 SYSTEM HIERARCHY 


In Windows 8, the computer object is named This PC and contains the user's desktop, 
the main document folders (including a downloads folder for files saved via the 
browser), and any local drives. The Libraries feature is hidden by default. Network, 
Homegroup, and Favorites work in the same way as Windows 7. The top level may also 
contain the OneDrive® object, which allows access to a cloud-based storage folder 
linked to the user's Microsoft account. 




Windows 8 system objects. (Screenshot used with permission from Microsoft.) 


WINDOWS 10 SYSTEM HIERARCHY 

When browsing the computer using File Explorer in Windows 10, two top-level 
categories are shown in the navigation pane. Quick access contains shortcuts to 
folders that are most useful (replacing Favorites). These can be modified by dragging 
and dropping. By default, it contains shortcuts to your personal Desktop, Downloads, 
Documents, and Pictures folders. 


File Explorer navigation pane showing top-level categories in Windows 10. (Screenshot used with 
permission from Microsoft.) 


The second top-level category is the Desktop. Under the "Desktop" object, you can find 
the following categories: 


* OneDrive—if you sign into the computer with a Microsoft account, this shows the 
files and folders saved to your cloud storage service on the Internet. As you can see 
from the screenshot, other cloud service providers may add links here, too. 

* User account—the folders belonging to your account profile. For example, in the 
previous screenshot, the user account is listed as "James at CompTIA." 

* This PC—access to user-generated files in the user's profile plus the hard drives 
and removable storage drives available to the PC. 

* Libraries—these can be used to create views of folders and files stored in different 
locations and on different disks. As with Windows 8, Libraries may be hidden by 
default, unless the computer was upgraded from Windows 7. 

* Network—contains computers, shared folders, and shared printers available over 
the network. 

* Control Panel—options for configuring legacy Windows features. Most 
configuration is now performed via the Settings app rather than Control Panel. 

* Recycle Bin—provides an option for recovering files and folders that have been 
recently deleted. 


DRIVES, FOLDERS, AND FILES 


The top-level categories in the navigation pane show "logical" system objects. Actual 
data storage is configured on one or more drives. Each drive can have folders and files 
stored on it. 


LOCAL DRIVES 
Within the Computer/This PC object, drives are referred to by letters and optional 
labels. A "drive" can be a single physical disk or a partition on a disk. A drive can also 
point to a shared network folder "mapped" to a drive letter. By convention, the A: drive 
is the floppy disk (very rarely seen these days) and the C: drive is the partition on the 
primary fixed disk holding the Windows installation. 


Every drive contains a directory called the root directory. The root directory is 
represented by the backslash (\). For example, the root directory of the C: drive is C:\. 
Below the root directory is a hierarchical structure of directories called subdirectories. 
A sample directory structure is shown in the diagram. 


Typical Windows directory structure. (Diagram labels: Program Files, Windows, System32, 
Config, Drivers; the path shown is C:\Windows\System32.) 


Files may be placed at each level, but the root and certain other folders are designated 
as system and protected from use by standard users. While it is possible to create 
subfolders off the root folder, it is much better to keep user data within the profile 
subfolder within "Users." 


FOLDER CREATION 


You can use the shortcut or File menus to create a new folder within another object. 
Windows has various folder naming rules that must be followed when modifying the 
folder structure: 


* No two subfolders within the same folder may have the same name. Subfolders of 
different folders may have the same name, though. 

* Folder names may not contain the following reserved characters: \ / : * ? " < > | 

* The full path to an object (including any file name and extension) may not usually 
exceed 260 characters. 


A warning message is displayed if these rules are not followed and the user is 
prompted to enter a new folder name. 


Note: Folder and file names are case aware, which means that the system preserves case 
in the name as entered but does not regard the case as significant for operations such as 
detecting duplicate names or indexing. 


FILE CREATION 


Files are the containers for the data that is used and modified through the operating 
system and applications. Files store either text or binary data. Text data is 
human-readable, while binary data can only be interpreted by a software application 
compatible with that file type. Most user-generated files are created via the Save 
command of an application. 


Files follow a similar naming convention to folders, except that the last part of the file 
name represents a file extension, which describes what type of file it is. The extension 
is used by Windows to associate the file with an application. The extension is divided 
from the rest of the file name by a period. By convention, extensions were three 
characters, but there are many applications (such as Microsoft Office) that now use 
four or more characters for the file extension. By default, the extension is not shown to 
the user. 


Note: You can use a period as part of the main part of the file name, too. It is the last 
period that delimits the file extension. 


SYSTEM FILES 


System files are the files that are required for the operating system to function. These 
files are typically hidden because their deletion can prevent the computer from 
working properly. For system files, both the file extension and the location of the file in 
the system hierarchy are important, as they help the computer recognize it as a system 
file. 


The root directory of a typical Windows installation normally contains the following 
files and subdirectories: 


* Windows—the system root, containing drivers, logs, add-in applications, system 
and registry files (notably the System32 subdirectory), fonts, and so on. 


Note: System32 contains most of the applications and utilities used to manage and 
configure Windows. This is true even of 64-bit versions of Windows. 32-bit Dynamic 
Link Libraries (DLL) running under 64-bit Windows are stored in the SYSWOW64 
folder. 


* Program Files/Program Files (x86)—subdirectories for installed applications 
software. In 64-bit versions of Windows, a Program Files (x86) folder is created to 
store 32-bit applications. 

* Users—storage for users’ profile settings and data. Each user has a folder named 
after their user account. This subfolder contains NTUSER.DAT (registry data) plus 
subfolders for "Documents," "Music," "Pictures," "Downloads," "Saved Games," 
"Searches," and so on. The profile folder also contains hidden subfolders used to 
store application settings and customizations, favorite links, shortcuts, temporary 
files, and so on. There is also a "Public" profile, which is used for sharing documents 
between users on the same computer. The Users folder also contains a subfolder 
called "Default," which is the template for new user profiles. 

* bootmgr—this file can present boot options when the computer starts. It reads 
information from the Boot Configuration Data (BCD) store, which is usually stored in 
a hidden System Reserved partition. 

* pagefile.sys—Virtual Memory pagefile. Virtual memory is used to store data used 
by running applications when there is not enough system memory (RAM). 


Note: In Windows 8 and Windows 10, you will also see a swapfile.sys file. This is used 
by Windows Store apps. 


* hiberfil.sys—image of memory contents saved when the computer is put into 
hibernation. 


FILE ATTRIBUTES 


A file's name is just one of its attributes. Other attributes include the date the file was 
created, accessed, or modified; its size; its description; and the following markers, 
which can be enabled or disabled. 


Attribute        Usage 

Read-only (R)    Prevents changes being saved back to the file. The user will be 
                 prompted to create another file containing the modified data. 

Hidden (H)       Specifies whether the file is visible in the default view (it is possible 
                 to adjust Windows to display hidden files and folders, though). 

System (S)       Specifies that the file should not be accessible to ordinary users. 

Archive (A)      Shows whether a file has changed since the last backup. 


Files stored on a drive formatted using the NTFS file system have extended attributes, 
including permissions, compression, and encryption. 


PERMISSIONS 


To view, create, modify, or delete a file in a folder, you need the correct permissions on 
that folder. Permissions can also be applied to individual files. Administrators can 
obtain full permissions over any file, but standard users can generally only view and 
modify files stored either in their profile or in the public profile. If a user attempts to 
view or save a file with insufficient permissions to do so, Windows displays an Access 
Denied error message. 


Custom permissions can be configured for a file or folder using the Security tab in its 
properties dialog box. 




Viewing permissions for a folder object. (Screenshot used with permission from Microsoft.) 


To configure permissions, you first select the account to which the permissions apply. 
You can then set the appropriate permission level. In simple terms, the permissions 
available are as follows: 


Permission           Allows the user to: 

Full control         Do anything with the object, including change its permissions and 
                     its owner. 

Modify               Do most things with an object but not to change its permissions or 
                     owner. 

Read/list/execute    View the contents of a file or folder or start a program. 

Write                Read a file and change it, or create a file within a folder, but not to 
                     delete it. 


FOLDER OPTIONS 


The Folder Options applet in Control Panel (or the Tools menu in Explorer or Options 
button in File Explorer) governs how Explorer shows folders and files. On the General 
tab, you can set options for the layout of Explorer windows. 




Folder Options dialog box—General tab in Windows 7. (Screenshot used with permission from 
Microsoft.) 


On the View tab, you can configure a number of settings for how folders and files are 
shown. 


Folder Options dialog box—View tab in Windows 7. (Screenshot used with permission from Microsoft.) 


You should pay particular attention to the following settings: 


* Hide extensions for known file types—Windows files are identified by a three- or 
four-character extension following the final period in the file name. The file 
extension determines which software application is used to open, edit, or print the 
file by default. Overtyping the file extension (when renaming a file) can make it 
difficult to open, so extensions are normally hidden from view. 

* Hidden files and folders—a file or folder can be marked as "Hidden" through its file 
attributes. Files marked as hidden are not shown by default but can be revealed by 
setting the Show hidden files, folders, and drives option. Note that this will not 
show "system" files, unless the following option is also disabled. 

* Hide protected operating system files—this configures "system" files as hidden. It is 
worth noting that in Windows, File/Resource Protection prevents users (even 
administrative users) from deleting these files anyway. 
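
The following added example (not part of the course text) applies the rule that the last period delimits the extension to show what a file listing looks like while "Hide extensions for known file types" is on, and flags names whose visible part appears to be a different known type than the real one. The function names, the `KNOWN_TYPES` set, and the sample file names are assumptions constructed for illustration.

```python
import ntpath

# Assumption: a small constructed set standing in for the file types
# registered on a PC ("known file types"); a real system has many more.
KNOWN_TYPES = {".txt", ".pdf", ".docx", ".jpg", ".exe", ".bat"}


def split_name(filename):
    """Split a file name at its last period into (main part, extension)."""
    stem, ext = ntpath.splitext(filename)
    return stem, ext.lower()


def displayed_name(filename, hide_known=True):
    """Name as listed with 'Hide extensions for known file types' on or off."""
    stem, ext = split_name(filename)
    return stem if hide_known and ext in KNOWN_TYPES else filename


def misleading_names(filenames):
    """Find names that, with extensions hidden, look like a different known type.

    Returns (real name, displayed name, real extension) tuples.
    """
    findings = []
    for name in filenames:
        shown = displayed_name(name)
        _, real_ext = split_name(name)
        _, apparent_ext = split_name(shown)
        # Flag only when hiding changed the name and what remains still
        # ends in a known extension that differs from the real one.
        if shown != name and apparent_ext in KNOWN_TYPES and apparent_ext != real_ext:
            findings.append((name, shown, real_ext))
    return findings


# Constructed sample listing, not taken from a real machine.
SAMPLE = ["Budget.2019.docx", "notes.txt", "report.pdf.exe",
          "photo.jpg.bat", "setup.exe", "README"]

if __name__ == "__main__":
    for name in SAMPLE:
        print(f"{name:20} shown as {displayed_name(name)}")
    for name, shown, ext in misleading_names(SAMPLE):
        print(f"CHECK: {shown!r} is really a {ext} file ({name})")
```

Turning the option off, or enabling file name extensions in the Windows 10 View ribbon, makes the displayed name match the real name for every file in the listing.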


You can configure file search behavior on the Search tab. Search is also governed by 
how the Indexing Options applet is configured. This allows you to define indexed 
locations and rebuild the index. A corrupted index is a common cause of search 
problems. 


In Windows 10, you can use the View menu ribbon to toggle hidden items and file 
extensions without going through the Folder Options dialog box. 


Setting view options in the Windows 10 version of File Explorer. (Screenshot used with permission from 
Microsoft.) 


DIRECTORY NAVIGATION AT THE COMMAND PROMPT 


Even under a GUI-operated OS such as Windows, it is important for a PC technician to 
be able to complete file management and configuration operations using the 
command prompt. Some actions can be completed more quickly using commands; 
some commands can only be issued from a command-line; and sometimes the GUI 
may not be available. 


DIRECTORIES AND THE COMMAND PROMPT 

If the root directory of the C: drive is selected, the command prompt will display C:\>. 
The greater than sign (>) at the end of the prompt separates the prompt information 
from your input. If you change from the current directory (in this example, the root 
directory) to a first-level directory called "Windows," the prompt would become 
C:\Windows>. 


Changing to a second-level directory called "System32" would change the prompt to 
C:\Windows\System32\>. 


A backslash (\) is used to separate each directory level. 


Note: While Windows uses the backslash to delimit directories, if you type a path using 
forward slashes in Explorer or at the command prompt, it will still be interpreted 
correctly. The Linux file system uses forward slashes. 


THE DEFAULT DRIVE 

Each drive is assigned its own drive letter. When using the command prompt from 
Windows, the default path will usually be %HomePath% (for example, C:\Users\David). If 
the command prompt is open using Run as administrator, the default path will be 
C:\Windows\System32. 


To change the working drive, just enter the drive letter followed by a colon and press 
Enter. For example, E: changes to the "E" drive. The prompt will change to E:\> 
indicating that the default drive is now drive E. 

Note: If you try to switch to a removable drive when the disk is not in the drive, it will 
generate an error. 


    Microsoft Windows [Version 6.3.9600] 
    (c) 2013 Microsoft Corporation. All rights reserved. 

    C:\Users\David>a: 
    The system cannot find the drive specified. 

    C:\Users\David>_ 


Changing the default drive and dealing with a missing drive. (Screenshot used with permission from 
Microsoft.) 


CHANGING THE CURRENT DIRECTORY (CD) 

To find a particular file, it is often necessary to move around the directory structure. 
The cd (chdir) command is used to change the current directory. You can change to 
any directory by entering the full path, such as: cd c:\users\david 


There are a number of shortcuts, however. If the current directory is "C:\Users\David" 
and you want to change to "C:\Users\David\Documents," enter: cd documents 

If the current directory is "C:\Users\David\Documents" and you want to move up to the
parent directory, enter: cd..


If the current directory is "C:\Users\David" and you want to change to the root 
directory of the drive, enter: cd\ 


C:\>cd c:\users\david
C:\Users\David>cd documents
C:\Users\David\Documents>cd..
C:\Users\David>cd\
C:\>cd users
C:\Users>cd\windows
C:\Windows>


Navigating directories with the cd command. (Screenshot used with permission from Microsoft.)


If the current directory is "C:\Users" and you want to change to "C:\Windows," enter:
cd\windows


It is not possible to move across from one directory to another at the same level. To 
reach "C:\Windows" from "C:\Users," the command has to return to the root directory 
and then select the chosen branch. 


Commands such as cd\ or cd.. do not require a space. A common error is to use
cd\Directory when cd Directory is required. To move further down the
directory structure, use a space. The command cd\Directory sends the prompt
back to the root directory from where it would then attempt to move into "Directory."


LISTING FILES AND DIRECTORIES (DIR) 


Use the dir command to list the files and subdirectories from either the current drive 
and directory or from a specified drive and directory. 


C:\Windows>dir
 Volume in drive C has no label.
 Volume Serial Number is D6DB-17CF

 Directory of c:\Windows


dir command. (Screenshot used with permission from Microsoft.)


A subdirectory will be listed with <DIR> next to it in normal view or with square
brackets [Windows] around the name if dir/w is used to list in wide view. To view all
files and directories within the current directory, enter: dir

To view the files and directories in the root directory of the "A:" drive when your
current drive is "C:" enter: dir A:\

The \ following the A: is important. Typing just dir A: or dir C: would list the files
present in the current directory for that drive (the last one used). To view files in a
specific directory on drive A, you must type the full path; for example,
dir A:\backups

If the current directory has more than one screen of files and directories, type: 


* dir/w (lists files using wide format with no file details).

* dir/p (lists files one screen at a time).

* dir/w/p (both of the above).

You can present files in a particular order using the /o:x switch, where x could be n
to list by name, s to list by size, e to list by extension, or d to list by date. The date field
can be set by the /t:x switch, where x is c for created on, a for last access, or w for
last modified.

Another useful switch is /a:x, which displays files with the attribute indicated by x (r
for Read-only, h for hidden, s for system, and a for archive).


WILDCARDS (QUESTION MARK [?] AND ASTERISK [*])


A wildcard character allows you to use unspecified characters with the command. A
question mark (?) means a single unspecified character. For example, the command
dir ????????.log will display all .log files with 8 characters in the file name.


The asterisk can be used to indicate a string of unspecified characters. The following 
examples show possible ways to use the asterisk with the dir command: 


* dir *.*—displays all files and directories in the current directory.

* dir *.doc—displays all files with the DOC extension in the current directory.

* dir let*.doc—same as the previous example, but only shows files with LET as
the first characters of the name.

* dir let*.doc /s—same as the previous example, but also searches
subdirectories.

* dir *.—displays all files without an extension. This is often used to view
directories.


FILE MANAGEMENT AT THE COMMAND PROMPT 


The move and copy commands provide the ability to transfer files from one disk or
directory to another from a command prompt. Both commands use a three-part
syntax: COMMAND Source Destination, where Source is the drive name,
path, and name of the files to be moved/copied and Destination is the drive
name and path of the new location. When using copy, you can enter a different
filename to create a duplicate in the same directory. For example, you want to copy all
the files from the "C:\Documents" directory to the "C:\Backup" directory. You also want
to move any files with a "txt" extension from the "C:\Backup" directory to the
"C:\Backup\Archive" directory.


COPYING DIRECTORY STRUCTURES 

xcopy is a utility that allows you to copy the contents of more than one directory at a 
time and retain the directory structure. The syntax for xcopy is as follows:
xcopy Source [Destination] [Switches]

You can use switches to include or exclude files and folders by their attributes. Check 
the command help for additional switches and syntax. 

robocopy 

robocopy (or "robust copy") is another file copy utility. It was previously available in 
the Windows Resource Kit but is now included as a native command in Windows. 
Microsoft now recommends using robocopy rather than xcopy. 


robocopy is designed to work better with long file names and NTFS attributes. 
Check the command help for additional switches and syntax. 


Note: Despite the name, you can also use robocopy to move files (/mov switch).


RENAMING A FILE

To change a file name, use the ren command. The syntax of this command is: ren 
OldName NewName. For example, to rename the ReadMe.txt file to ReadNow.doc, 
use the following command: ren readme.txt readnow.doc 


To rename multiple files, wildcard characters may be used. For example,
ren *.txt *.doc will rename all files with an extension of TXT to DOC.


Note: Changing a file extension is not usually a good idea, as the file will no longer be 
associated with the application used to open it. 


DELETING A FILE 


To remove a file from a directory or a disk, use the del command. The erase
command has identical usage. The following switches are available with the del
command:

Switch   Use
/p       Prompt to delete for each file.
/f       Suppress prompt for read-only files.
/q       Suppress prompt on wildcard delete.
/s       Delete files from subdirectories.
/a:      Delete files with particular attributes (for example, /a:r) or
         without particular attributes (for example, /a:-r).

CREATING A DIRECTORY 


To create a directory, use the md or mkdir command. For example, to create a
directory called "Data" in the current directory, type md Data. To create a directory
called "Docs" in a directory called "Data" on the A drive, when the current path is "C:\,"
type md A:\Data\Docs


REMOVING A DIRECTORY 

To delete an empty directory, type rd Directory. If the directory is not empty,
you can remove files and subdirectories from it using the rd /s command. You can
also use the /q switch to suppress confirmation messages (quiet mode).


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information
and job aids on How to Copy Files and Folders at the Command Prompt.


Activity 11-5


Discussing File Management in Windows


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Which is or are the main location(s) for system files in Windows? 


2. True or false? In Windows 7, libraries cannot contain network folders. 


3. You receive a call from a user trying to save a file and receiving an "Access 
Denied" error. 


Assuming a normal configuration with no underlying file corruption, 
encryption, or malware issue, what is the cause and what do you suggest? 


4. You need to assist a user in changing the extension of a file. 


Assuming default Explorer view settings, what steps must the user take? 


5. What is the effect of running the cd.. command?




6. Which Windows command is probably best suited for scripting file backup
operations?


Topic E


Manage Disks in Windows 


EXAM OBJECTIVES COVERED 
1002-1.3 Summarize general OS installation considerations and upgrade methods.


1002-1.4 Given a scenario, use appropriate Microsoft command line tools. 
1002-1.5 Given a scenario, use Microsoft operating system features and tools. 


Much of the time the default options for Windows Setup will take care of preparing the 
computer's fixed disk storage for use. Equally, there will be plenty of occasions in your 
career when you need to configure custom partitions, use different file systems, or 
configure software RAID. This topic will teach you how to perform such disk 
management tasks using the console and command-line tools. 


DISK PARTITIONS 


A mass storage device or fixed disk, such as Hard Disk Drive (HDD) or Solid State Drive 
(SSD), requires partitioning and formatting before it can be used. The Disk 
Management snap-in is used to configure partitions, or you can use diskpart from 
a command line. For a new installation, you can configure and format partitions using 
the Setup program. 


PARTITIONING 


Partitioning the physical disk is the act of dividing it into logically separate storage 
areas, often referred to as "drives." You must create at least one partition on a fixed 
disk before performing a high-level format to create a file system. Typically, this is done 
through Windows Setup when building a new PC or through Disk Management when 
adding an extra disk. 


Information about partitions is stored in a Master Boot Record (MBR), which is located 
in the first 512 byte sector on the disk. The GUID (Globally Unique Identifier) Partition
Table (GPT) provides a more up-to-date scheme to address some of the limitations of 
MBR. 


Under Windows, disks can be configured as either basic or dynamic. Configuring 
dynamic disks enables the use of multiple disks for single "volumes" and is discussed 
later. 


Note: Volume (or drive) is a term used at the OS level to refer to a contiguous storage
area formatted with a single file system. This could mean a partition on a hard disk, a
CD-ROM, a floppy disk, or a RAID virtual disk spanning multiple hard disks. The term
partition is more specific than volume—it refers to an area on a hard disk or SSD.


MBR-STYLE PARTITIONING 


With basic storage and MBR-style partitions, a given physical disk can contain up to 
four primary partitions, any one of which can be marked as active, and therefore made 
bootable. This allows for four different "drives" on the same physical disk and for 
multiple operating systems (a multiboot system). You might also use partitions to 
create discrete areas for user data file storage, storing log files, or hosting databases. 
Each drive can be formatted with a different file system.


Each primary partition contains a boot sector, or Partition Boot Record (PBR)/Volume
Boot Record (VBR), at the start of the partition. When a partition is marked as active, its 
boot sector is populated with a record that points to the Windows boot loader 
(typically C:\Windows\System32\winload.exe). This active partition is also referred to as 
the system partition or system reserved partition. 


The drive containing the operating system files (the system root) is referred to as the 
boot partition. This can be on a logical drive in an extended partition and does not 
have to be the same as the system drive. The typical installation options for Windows 
create a "hidden" system reserved partition (with no drive letter) and label the boot 
partition as drive C:. 


If for some reason four drives are insufficient, then three primary partitions can be 
created and the remaining disk space allocated to an extended partition, which itself 
can be divided into as many logical drives as needed. Extended partitions do not have 
boot sectors and cannot be made active. 


GPT-STYLE PARTITIONING 


A disk with no existing partitions on it can be converted to use the GPT-style partition 
format. All currently supported versions of Windows have read/write support for GPT 
disks. GPT is required on the boot device for 64-bit versions of Windows when installed 
to a computer with Unified Extensible Firmware Interface (UEFI) firmware. A computer 
with older Basic Input/Output System (BIOS) firmware will normally have to use MBR. 


One of the features of GPT is support for more than four primary partitions. Windows 
allows up to 128 partitions with GPT. GPT also supports larger partitions (2 TB+) and a 
backup copy of the partition entries. A GPT-style disk includes a Protective MBR for 
compatibility with systems that do not recognize GPT. 
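The MBR and protective-MBR layout described in the two sections above can be checked directly from the first sector of a disk image. The following Python parser is an added example, not part of the course material; the audit rules, the helper names and the three sample sectors are constructed for illustration.

```python
import struct

SECTOR = 512
TABLE_OFFSET = 446                   # boot code occupies bytes 0-445
SIGNATURE = b"\x55\xaa"              # bytes 510-511 of a valid MBR
ENTRY = struct.Struct("<B3xB3xII")   # status, type, first LBA, sector count
# 32-bit sector counts are why MBR partitions top out at 2 TiB with 512-byte sectors.
MBR_MAX_BYTES = 2**32 * SECTOR

# A few well-known partition type IDs (not an exhaustive list).
TYPE_NAMES = {0x05: "extended", 0x0F: "extended", 0x07: "NTFS/exFAT",
              0x0B: "FAT32", 0x0C: "FAT32", 0xEE: "GPT protective"}


def parse_mbr(sector):
    """Decode the four primary partition slots of one 512-byte MBR sector."""
    if len(sector) != SECTOR or sector[510:512] != SIGNATURE:
        raise ValueError("not a valid MBR sector")
    parts = []
    for slot in range(4):
        status, ptype, first_lba, count = ENTRY.unpack_from(sector, TABLE_OFFSET + 16 * slot)
        if ptype == 0:               # unused slot
            continue
        parts.append({
            "slot": slot,
            "active": status == 0x80,
            "status": status,
            "type": ptype,
            "type_name": TYPE_NAMES.get(ptype, "unknown"),
            "first_lba": first_lba,
            "sectors": count,
            "size_mb": count * SECTOR // (1024 * 1024),
        })
    return parts


def audit(parts):
    """Return (scheme, findings) for a parsed table; findings are plain strings."""
    findings = []
    scheme = "GPT" if any(p["type"] == 0xEE for p in parts) else "MBR"
    if scheme == "GPT" and len(parts) > 1:
        findings.append("hybrid MBR: protective entry alongside other partitions")
    active = [p["slot"] for p in parts if p["active"]]
    if len(active) > 1:
        findings.append("more than one active partition: %s" % active)
    for p in parts:
        if p["status"] not in (0x00, 0x80):
            findings.append("slot %d has invalid status byte 0x%02x" % (p["slot"], p["status"]))
        if p["type"] in (0x05, 0x0F) and p["active"]:
            findings.append("slot %d: extended partition marked active" % p["slot"])
    ordered = sorted(parts, key=lambda p: p["first_lba"])
    for a, b in zip(ordered, ordered[1:]):
        if a["first_lba"] + a["sectors"] > b["first_lba"]:
            findings.append("slots %d and %d overlap" % (a["slot"], b["slot"]))
    return scheme, findings


def build_mbr(entries):
    """Build a constructed MBR sector from (status, type, first_lba, sectors) tuples."""
    sector = bytearray(SECTOR)
    for slot, entry in enumerate(entries):
        ENTRY.pack_into(sector, TABLE_OFFSET + 16 * slot, *entry)
    sector[510:512] = SIGNATURE
    return bytes(sector)


# Constructed samples (not taken from a real disk).
BASIC_DISK = build_mbr([
    (0x80, 0x07, 2048, 716800),        # 350 MB active system partition
    (0x00, 0x07, 718848, 133496832),   # boot partition holding Windows
])
GPT_DISK = build_mbr([(0x00, 0xEE, 1, 0xFFFFFFFF)])   # protective MBR only
SUSPECT_DISK = build_mbr([
    (0x80, 0x07, 2048, 716800),
    (0x80, 0x0C, 700000, 204800),      # second active flag, overlaps slot 0
])

if __name__ == "__main__":
    for name, image in [("basic", BASIC_DISK), ("gpt", GPT_DISK), ("suspect", SUSPECT_DISK)]:
        scheme, findings = audit(parse_mbr(image))
        print(name, scheme, findings or "no findings")
```

To run it against a real disk image, pass the first 512 bytes of the image file to parse_mbr.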


Note: For Windows 10 on a UEFI PC, Microsoft's recommendation is to create a number
of additional hidden utility partitions, including one for the Recovery Environment (RE).
You can read more about Microsoft's recommended partition scheme at
docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/configure-uefigpt-based-hard-drive-partitions.


FILE SYSTEMS 


High-level formatting prepares a partition for use with an operating system. The 
format process creates a file system on the disk partition. Each partition can be 
formatted using a different file system. Drives for use with Windows should generally 
be formatted using NTFS, which is more efficient and supports advanced features such 
as permissions, encryption, and quota management. The older FAT/FAT32 system can 
be used for compatibility with legacy versions of Windows or other operating systems 
in a dual-boot environment. 


CLUSTERS 


The smallest unit of storage on a fixed disk has traditionally been the 512 byte sector. 
A file system is not restricted to using a single sector as the basic unit of storage, 
however. The file system can group sectors into clusters (or Allocation Units) of 2, 4, or 
8 sectors. Smaller clusters make more efficient use of the disk capacity, but using 
larger clusters can improve file Input/Output (I/O) performance, especially when 
working with large files. 


As fixed disk sizes have increased, some disk models now use Advanced Format, with 4 
kilobyte (4K) sector sizes. If supported by the OS and PC firmware, these can be used in 
native mode; if not, the drive controller will usually present the disk in 512 emulated 
(512e) mode.


NEW TECHNOLOGY FILE SYSTEM (NTFS)


The New Technology File System (NTFS) is a proprietary file system developed 
exclusively for use with Windows. It provides a 64-bit addressing scheme, allowing for 
very large volumes and file sizes. In theory, the maximum volume size is 16 Exabytes, 
but actual implementations of NTFS are limited to between 137 GB and 256 Terabytes, 
depending on the version of Windows and the allocation unit size. The key NTFS 
features are: 


* Recovery—NTFS utilizes sector sparing and transaction tracking to provide reliable 
data transfer. When data is written to an NTFS volume, it is re-read and verified. In 
the event of a problem, the sector concerned is marked as bad and the data 
relocated. Transaction tracking logs all disk and file system activity, making recovery 
after power outage a faster and more reliable process. 

* Security—NTFS has many security features. These include file permissions and 
ownership, file access audit trails, quota management, and Encrypting File System 
(EFS). 

* POSIX Compliance—in efforts to support the UNIX/Linux community, Microsoft 
engineered the NTFS file system to support case sensitive naming, hard links, and 
other key features required by UNIX/Linux applications. Although the file system is 
case-sensitive capable and preserves case, Windows does not insist upon case 
sensitive naming. 

* Compression—NTFS allows file- or folder-level compression. 

* Indexing—the Indexing Service creates a catalog of file and folder locations and 
properties, speeding up searches. 

* Dynamic Disks—this is a disk management feature allowing space on multiple 
physical disks to be combined into volumes. 


Note: Windows Home/Core editions do not support dynamic disks or encryption. There is 
a cipher.exe tool to allow the user to decrypt files but no option to perform encryption of 
files or folders. 


The only significant drawback of NTFS is that it is not fully supported by operating 
systems other than Windows. macOS can read NTFS drives but cannot write to them. 
Linux distributions and utilities may be able to support NTFS to some degree. 


FAT 
The FAT file system is named for its method of organization—the File Allocation Table. 
This 16-bit table of values provides links from one allocation unit to another. 


Note: FAT was originally designed as a 12-bit file system for floppy disks (FAT12). The 16- 
bit version (FAT16) was developed for the first PCs to ship with hard drives. 


FAT16 


A FAT16 system does not support the recovery or security features of NTFS. The 
maximum volume size is either 2 GB or 4 GB, depending on the version in use, and the 
maximum file size is the volume size minus 1 byte. Its only significant feature is that it 
is compatible with all Microsoft operating systems plus macOS and Linux, and 
therefore ideal in a multiboot environment or for removable media that must be 
shared between different operating systems. 


FAT32 

FAT32 does not differ greatly from FAT16. Because it has a 32-bit allocation table, it 
supports larger volumes than FAT16—nominally up to 2 TB, though the Windows Setup 
program will only format partitions up to 32 GB in size. It suffers from the same 
reliability and security issues as FAT16. The maximum file size is 4 GB minus 1 byte.
Again, it is ideal in a multiboot or removable storage environment with Windows 9x,
macOS, or Linux, but it is not supported by DOS. 


EXFAT 

Another option is a 64-bit version of FAT called exFAT. exFAT is designed for use with 
removable hard drives and flash media. Like NTFS, exFAT supports large volumes (128 
petabytes) and file sizes (16 exabytes). Its real use is not for massive drives, however, 
but for better performance on moderate size volumes (up to 1 TB) than NTFS. There is 
also support for access permissions but not compression or encryption. 


CDFS 

The CD File System (CDFS or ISO 9660) is a legacy file system used for CD optical disc 
media (CD-ROM and CD-R). CDFS supports two main data writing modes: mode 1 has 
better error correction, whereas mode 2 allows more data to be written to the disc. 
Joliet is an extension to CDFS that enables long file name support and Unicode 
characters in file names. 


UDF (ISO 13346) 

The Universal Disk Format (UDF or ISO 13346) is an updated file system for optical 
media with support for multisession writing. It is the standard used by Windows, where 
it is referred to as Live File System, for CD and DVD recordable and rewritable discs. 
There are several different versions of UDF, with 2.01 being the default in Windows. 
Blu-ray reading and writing requires version 2.5 and third-party software. 


THE WINDOWS DISK MANAGEMENT CONSOLE 


Windows provides the Disk Management console to format disks and manage 
partitions. The utility displays a summary of any fixed and removable drives attached 
to the system. The top pane lists drives; the bottom pane lists disks, with information 
about the partitions created on each disk and any unpartitioned space. 


Disk Management utility in Windows 8.1. (Screenshot used with permission from Microsoft.)


To open the tool, right-click Computer/This PC and select Manage then select the
Disk Management icon under Storage. You can also use the WinX menu (right-click 


INITIALIZING DISKS 


If you add a hard disk to the system, you will be prompted to initialize it when you start
Disk Management. You can choose whether to use the MBR or GPT partition style for
the new disk.


Initializing newly detected disks—note the option to choose between MBR and GPT. (Screenshot used
with permission from Microsoft.)


When a disk has been initialized, you can create partitions on it. You can also create a 
new partition on an existing disk if there is unpartitioned space on the disk. 


ADDING DRIVES AND ASSIGNING DRIVE LETTERS 


To create a new partition, right-click an area of unallocated space and select New 
Simple Volume. Complete the wizard to select: 


* Amount of disk space to use (in megabytes—recall that 1024 MB is 1 GB).

New Simple Volume Wizard—configuring volume size. (Screenshot used with permission from
Microsoft.)

* Assign a drive letter or a mount point. You can also choose not to assign a drive or
mount point, in which case the volume will be inaccessible via Explorer.

New Simple Volume Wizard—configuring access path. (Screenshot used with permission from
Microsoft.)


FORMATTING THE DRIVE 

To complete the wizard, you must select a file system to use to format the new
partition. You can make the following choices:

* NTFS or FAT for the file system.

* Allocation unit size—default settings are usually best (selects a size based on the 
volume size). As a rule of thumb, a small allocation unit size is efficient if the disk 
stores mainly small files or vice versa, but a typical desktop machine will make equal 
use of small and large files. 

* Volume label—shown in Explorer along with the drive letter. 

* Quick format—a full format checks the disk for bad sectors; selecting the quick 
format option skips this check. 


New Simple Volume Wizard—formatting the volume. (Screenshot used with permission from
Microsoft.)


Note: Both types of format remove references to existing files in the volume boot record 
but the actual sectors are not "scrubbed" or zeroed. Existing files will be overwritten as 
new files are added to the volume, but in principle data can be recovered from a 
formatted disk (using third-party tools). A secure format utility prevents this by 
overwriting each sector with a zero value, sometimes using multiple passes. 
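Why a formatted disk is not a sanitized disk, as an added Python example that is not part of the course material: it uses a deliberately simplified volume (one table sector plus data sectors, not real FAT or NTFS) with constructed file content, models format as the note describes it, and verifies a zero-fill by scanning for residual sectors.

```python
SECTOR = 512
TABLE_SECTORS = 1                      # sector 0 is the toy file table
MARKER = b"CONFIDENTIAL-PAYROLL"       # constructed content to search for


def new_volume(total_sectors):
    """An all-zero volume image of the given size."""
    return bytearray(total_sectors * SECTOR)


def write_file(volume, name, data, start_sector):
    """Store data at start_sector and append 'name,start,length' to the table."""
    offset = start_sector * SECTOR
    volume[offset:offset + len(data)] = data
    record = ("%s,%d,%d\n" % (name, start_sector, len(data))).encode()
    free = volume.index(b"\x00", 0, TABLE_SECTORS * SECTOR)
    volume[free:free + len(record)] = record


def list_files(volume):
    """File names the table still references (what the OS would show)."""
    table = bytes(volume[:TABLE_SECTORS * SECTOR]).rstrip(b"\x00").decode()
    return [line.split(",")[0] for line in table.splitlines()]


def format_volume(volume):
    """Format as the note describes: reset the references, leave the data sectors."""
    volume[:TABLE_SECTORS * SECTOR] = bytes(TABLE_SECTORS * SECTOR)


def zero_fill(volume, passes=1):
    """Secure format: overwrite every sector with zeros."""
    for _ in range(passes):
        volume[:] = bytes(len(volume))


def residual_sectors(volume):
    """Sector numbers that still contain any non-zero byte."""
    zero = bytes(SECTOR)
    return [n for n in range(len(volume) // SECTOR)
            if volume[n * SECTOR:(n + 1) * SECTOR] != zero]


def find_marker(volume, marker=MARKER):
    """Byte offsets of marker in the raw data area, ignoring the file table."""
    hits = []
    pos = volume.find(marker, TABLE_SECTORS * SECTOR)
    while pos != -1:
        hits.append(pos)
        pos = volume.find(marker, pos + 1)
    return hits


def demo():
    """Write one file, format, then zero-fill; return what is visible at each stage."""
    volume = new_volume(64)
    write_file(volume, "payroll.xls", MARKER + b" 2019 salaries", 10)
    before = list_files(volume)
    format_volume(volume)
    after_format = (list_files(volume), find_marker(volume), residual_sectors(volume))
    zero_fill(volume)
    after_wipe = (list_files(volume), find_marker(volume), residual_sectors(volume))
    return before, after_format, after_wipe


if __name__ == "__main__":
    before, after_format, after_wipe = demo()
    print("files before format:", before)
    print("after format (files, marker offsets, non-zero sectors):", after_format)
    print("after zero fill:", after_wipe)
```

The residual_sectors check works on any byte image, so the same scan can confirm that a disk image taken after sanitization contains nothing but zeros.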
Having set up the disk structure, if you want to change it in the future, then partitions
can be managed using the shortcut menu, which contains options to mark a partition 
as active, re-format or delete it, or change its drive letter. You can also access the 
volume properties sheet, which contains options for the disk performance tools and 
access permissions and quota management (on NTFS volumes). 


Note: You cannot format or delete system or boot partitions. 


SPLITTING AND EXTENDING PARTITIONS 


You can shrink or extend simple volumes formatted with NTFS and unformatted 
volumes. Shrinking a volume then creating a new volume on the same disk allows you 
to "split" the original volume. Shrinking a volume is contingent on the files stored in the 
volume. If there is an unmovable file, the volume cannot be shrunk past it. Extending a 
volume is contingent on the amount of space left on the physical disk. 


Shrinking a simple volume. (Screenshot used with permission from Microsoft.)


Note: Before trying to shrink a volume, disable the hibernation file and pagefile, then 
clean up and defragment the disk. It may be worth trying a third-party defragmentation 
utility to try to move files that Windows' built-in Defragmenter cannot. 


DISK ARRAYS 


Dynamic storage allows the creation of volumes spanning multiple disks (an array).
Dynamic disks can only be read by the Professional/Enterprise (and Ultimate) editions
of Windows.


Note: Windows Home/Core editions do not support dynamic disks at all, so if you were to
configure dynamic disks under Windows 7 Professional, then move the disks to a 
computer running Windows 7 Home Premium, the volumes would not be readable. Also, 
the option to convert from basic to dynamic disks is disabled on laptops. 


Only fixed disks can be used. A fixed disk is one installed within the computer and 
connected by the SATA or NVMe (PCI Express) bus. Disks connected via USB, 
Thunderbolt, or eSATA cannot be converted to dynamic. 


DYNAMIC VOLUME TYPES 

Dynamic volumes can be in the following configurations: 

* Simple—occupies space on a single disk. There is little difference in practice
between this and a basic volume.

* Spanned—a volume using space on two or more disks. This arrangement is also
referred to as JBOD (Just a Bunch Of Disks).

* Striped—a volume using space on two or more disks configured using RAID 0 to 
improve performance. Basically data is written across all disks, whereas spanned 
just uses up space on the volume using the standard file access pattern. 


Creating a mirrored volume dynamic disk array. (Screenshot used with permission from Microsoft.)

* Mirrored—a volume where one disk stores a copy (mirror) of the other disk. This
provides redundancy (RAID 1). Redundancy means that one of the disks can fail, but
the volume will still be accessible.

* RAID 5—a volume where data is spread across three or more disks. The system 
writes parity information alongside the data. If one of the disks is damaged, the 
remaining data can be combined with the remaining parity information to keep the 
volume functioning. RAID 5 is only supported under Windows 8/10. 
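The parity mechanism behind the RAID 5 bullet, as an added Python example that is not part of the course material: data blocks are XORed into one parity block per stripe, so any single lost disk can be recomputed from the others. The block size, the parity rotation order and the sample data are assumptions chosen for illustration, not the layout Windows uses.

```python
from functools import reduce

SAMPLE = b"constructed sample data for the RAID 5 parity demo"


def xor_blocks(blocks):
    """Byte-wise XOR of equal-length blocks."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))


def parity_disk_for(stripe, disk_count):
    """Disk index holding parity for a stripe (assumed rotation order)."""
    return (disk_count - 1 - stripe) % disk_count


def write_raid5(data, disk_count=3, block_size=8):
    """Stripe data over the disks with one rotating parity block per stripe."""
    if disk_count < 3:
        raise ValueError("RAID 5 needs three or more disks")
    per_stripe = (disk_count - 1) * block_size
    padded = data + bytes(-len(data) % per_stripe)   # zero-pad the last stripe
    disks = [[] for _ in range(disk_count)]
    for stripe, start in enumerate(range(0, len(padded), per_stripe)):
        chunk = padded[start:start + per_stripe]
        blocks = [chunk[i:i + block_size] for i in range(0, per_stripe, block_size)]
        blocks.insert(parity_disk_for(stripe, disk_count), xor_blocks(blocks))
        for disk, block in zip(disks, blocks):
            disk.append(block)
    return disks            # one list of blocks per disk


def rebuild_disk(disks, failed):
    """Recompute every block of the failed disk from the surviving disks."""
    survivors = [disk for index, disk in enumerate(disks) if index != failed]
    return [xor_blocks(blocks) for blocks in zip(*survivors)]


def read_raid5(disks, length, failed=None):
    """Read the volume back, rebuilding one failed disk on the fly if needed."""
    disks = list(disks)
    if failed is not None:
        disks[failed] = rebuild_disk(disks, failed)
    out = bytearray()
    for stripe in range(len(disks[0])):
        parity = parity_disk_for(stripe, len(disks))
        for index, disk in enumerate(disks):
            if index != parity:
                out += disk[stripe]
    return bytes(out[:length])


def scrub(disks):
    """Stripe numbers whose blocks no longer XOR to zero (parity mismatch)."""
    return [n for n, blocks in enumerate(zip(*disks)) if any(xor_blocks(blocks))]


def demo():
    """Fail each disk in turn and confirm the data still reads back intact."""
    disks = write_raid5(SAMPLE)
    results = []
    for failed in range(len(disks)):
        damaged = list(disks)
        damaged[failed] = None          # the disk's contents are gone
        results.append(read_raid5(damaged, len(SAMPLE), failed) == SAMPLE)
    return results


if __name__ == "__main__":
    print("data survives loss of disk 0, 1, 2:", demo())
```

scrub reports that a stripe is inconsistent but cannot say which disk holds the bad block, which is why parity protects against a failed disk rather than against silent corruption.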


MANAGING VOLUMES 


When a mirrored volume has been set up, you have two options for converting the
mirror set back to a simple volume:

* Breaking the mirror leaves the data in the volumes on both disks intact. You would
also use this option to replace one of the disks in the mirror set (install the physical 
disk then use the Add Mirror command on the existing volume). 


When a physical disk underlying a mirrored volume fails, you can install another disk and add it to
the mirror—a resynching process will start to copy data from the first disk to the second.
(Screenshot used with permission from Microsoft.)

* Removing a mirror deletes the volume (and any files it contains) from that disk, 
leaving the volume on the other disk as a simple volume. 


Note: Spanned and striped volumes offer flexibility, but if any of the disks in the array 
fail, all data on the volume will be lost. Only mirroring and RAID 5 provide redundancy. 


A dynamic disk can be converted back to basic, but the volumes (and any data on 
them) must be deleted first. As with basic partitions, volumes must be formatted (NTFS 
or FAT/FAT32) before they can be available to the OS. 


DRIVE STATUS INDICATORS 


Each disk and drive displays status indicators in the Disk Management program. Disks 
can have the following status indicators: 


* Online—The disk is OK. 

* Not Initialized—When you add a new unpartitioned disk, a wizard runs, prompting 
you to initialize, partition, and format the disk. If you cancel the wizard, the disk will 
appear as Not Initialized. Right-click to start the wizard again. 

* Unreadable—The disk is damaged. This message can be transitory so try right- 
clicking the Disk Management tool and selecting Rescan Disks. If the disk is still 
shown as unreadable, you would have to use third-party tools to try to recover data 
from it. 
* Foreign—if you configure a disk as dynamic on one computer, then install the disk 
in another computer, it will be marked as foreign. Right-click the disk and select 
Import Foreign Disk to make it accessible to the system. 

* Offline/Missing—a disk configured as dynamic cannot be read. This could be a 
transitory error but is more likely to indicate that the drive or I/O to the drive is 
damaged, a cable is unplugged, the disk has been switched off, and so on. There are 
two options: 

  * If the disk can be restored, use the Reactivate Disk option to add it back to the 
    array. 
  * If the disk cannot be restored, use the Remove Disk option. 




One of the disks underlying the mirrored volume is missing and consequently the volume is marked as 
failed. (Screenshot used with permission from Microsoft.) 


Volumes (or partitions) can have the following status indicators: 


* Healthy—The volume is formatted and ready to read and write data. Healthy 
(System) indicates that the volume contains the boot loader, whereas Healthy 
(Active) represents the system volume used to boot. Healthy (Boot) represents a 
volume containing an OS, whereas Healthy (Page File) shows one storing a pagefile. 
A drive may also display as Healthy (At Risk), which means that a number of I/O 
errors are occurring—a good sign that the disk or controller is failing. 

* Failed/Unknown—This either indicates a damaged disk (basic) or a dynamic 
volume where the supporting disk drives are not available. You need to check the 
status of the devices (if cabling and power are OK, the disk[s] or controller may have 
been damaged). A volume listed as "Unknown" has an unreadable boot sector. 

* Failed Redundancy—A RAID volume that is still working but that is no longer fault 
tolerant. You should identify the failed disk and replace it. 

* Regenerating—When a disk is brought back into a damaged RAID 5 volume, the 
controller begins regenerating parity information for the volume. It should be 
accessible during this period, but performance will be worse. 

* Resynching—Occurs when a disk is restored to a mirrored volume. 

* Formatting—A user-initiated format is in progress. Wait for the format to complete 
before trying to access the volume. 


STORAGE SPACES 


As mentioned previously, dynamic disks can only be configured on local fixed disks. 
Windows 8/10 comes with a Storage Spaces feature, allowing arrays to be configured 
across all kinds of storage devices, including USB-connected disks. Also, Storage Spaces 
is available in the "core" and home editions, unlike dynamic disks. 


To configure a storage space, first select the drives that you want to add to the pool. 
You can then configure what type of redundancy to configure (mirrored or parity), 
format the volume, and assign a drive letter. 




Adding drives to a storage space pool. (Screenshot used with permission from Microsoft.) 




Configuring drive letter, file system, and redundancy options for the pool. (Screenshot used with 
permission from Microsoft.) 


MOUNT POINTS AND DISK IMAGES 


A mount point means that rather than allocating a drive letter to a volume, it is 
accessed from a designated folder in the file system. The host file system must be 
NTFS but the volume mounted can be formatted with any type of file system. For 
example, you might partition and format a removable hard disk then mount it as a 
DATA volume within a user's Documents folder. To assign a volume to a mount point, 
first create a folder at the point in the file system you want to mount the drive. This 
folder must be empty. Next, either run the New Partition/Volume Wizard or unassign 
the drive letter from an existing partition and mount it (use the Change Drive Letter 
and Paths shortcut menu to do this). 




DATA volume mounted within the Documents library—notice that no "DATA" drive appears under any 
of the drive letters. (Screenshot used with permission from Microsoft.) 


Disk images are used with virtualization software to store data written to a virtual 
machine's hard drive. Windows supports mounting Windows Hyper-V disk image files 
(VHD and VHDX) within the local file system (right-click Disk Management and select 
Attach VHD). An ISO image is a file copy of a CD or DVD. Windows 7 cannot mount ISO 
images natively, though there is third-party software available to do this, but Windows 
8/10 can. You can also burn an image to a physical disc through Explorer. 


DISK AND VOLUME MANAGEMENT AT THE COMMAND 
PROMPT 


The Disk Management snap-in is easy to use but there are some circumstances where 
you may need to manage volumes at a command prompt. 


THE diskpart COMMAND 


The diskpart command is the command interface underlying the Disk 
Management tool. It can be run at an elevated Windows command prompt or 
Windows Recovery Environment/Pre-installation Environment. 


Note: The Disk Management tool prevents you from completing certain destructive 
actions, such as deleting the system or boot volume. diskpart is not restricted in this way, 
so use it with care. 

There are too many options in diskpart to cover here, but the basic process of 
inspecting disks and partitions is as follows: 


1. Run the diskpart utility then enter select disk 0 at the prompt (or the 
number of the disk you want to check). 

2. Type detail disk and then press Enter to display configuration information 
for the disk. The utility should report that the partitions (or volumes) are healthy. 
If diskpart reports that the hard disk has no partitions, the partition table may 
have become corrupted by a virus. You may be able to resolve this by partitioning 
and formatting the drive. 

3. Enter either select partition 0 or select volume 0 at the prompt 
(or the number of the partition or volume you want to check). 

4. Enter either detail partition or detail volume to view information 
about the object. You can now use commands such as assign (change the drive 
letter), delete (destroy the volume), or extend. 

5. Enter exit to quit diskpart. 




The diskpart program showing a hard disk partition structure. (Screenshot used with permission from 
Microsoft.) 
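
The inspection steps above can also be run unattended and checked against the status indicators described earlier. The following is an added example, not part of the course material: it feeds diskpart a read-only script through its /s switch and parses the list volume table into objects so that any volume that is not Healthy is flagged. The sample output, the temporary file name, and the function names are constructed for illustration, and the "Failed Rd" status text is an assumed abbreviation of Failed Redundancy.

```powershell
# Added example: parse diskpart's 'list volume' table and flag unhealthy volumes.
# Run with -Live from an elevated prompt to query the real system; without it,
# the constructed sample below is parsed so the script runs anywhere.
param([switch]$Live)

# Constructed sample output (not captured from a real machine).
$SampleOutput = @'
DISKPART> list volume

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
  Volume 0     D                UDF    DVD-ROM     1883 MB  Healthy
  Volume 1         System Rese  NTFS   Partition    350 MB  Healthy    System
  Volume 2     C                NTFS   Partition     63 GB  Healthy    Boot
  Volume 3     E   New Volume   NTFS   Mirror       126 GB  Failed Rd

DISKPART>
'@ -split '\r?\n'

# Safe fixed-width slice: rows may be shorter than the header when trailing cells are empty.
function Get-Field([string]$Line, [int]$Start, [int]$Length) {
    if ($Start -ge $Line.Length) { return '' }
    $len = [Math]::Min($Length, $Line.Length - $Start)
    return $Line.Substring($Start, $len).Trim()
}

function ConvertFrom-DiskpartTable {
    param([string[]]$Lines)

    # The dashed row defines the column boundaries; the header is the line above it.
    $sepIndex = -1
    for ($i = 1; $i -lt $Lines.Count; $i++) {
        if ($Lines[$i] -match '^\s*-{2,}(\s+-{2,})+\s*$') { $sepIndex = $i; break }
    }
    if ($sepIndex -lt 1) { return }

    $header = $Lines[$sepIndex - 1]
    $columns = foreach ($m in [regex]::Matches($Lines[$sepIndex], '-+')) {
        [pscustomobject]@{
            Name   = Get-Field $header $m.Index $m.Length
            Start  = $m.Index
            Length = $m.Length
        }
    }

    # Data rows follow the separator and end at the first blank line.
    for ($i = $sepIndex + 1; $i -lt $Lines.Count; $i++) {
        if ([string]::IsNullOrWhiteSpace($Lines[$i])) { break }
        $row = [ordered]@{}
        foreach ($c in $columns) {
            $row[$c.Name] = Get-Field $Lines[$i] $c.Start $c.Length
        }
        [pscustomobject]$row
    }
}

# Runs diskpart non-interactively. Only read-only commands are passed in here.
function Get-DiskpartOutput {
    param([string[]]$Commands)
    $scriptFile = Join-Path $env:TEMP 'dp-inspect.txt'   # hypothetical file name
    Set-Content -Path $scriptFile -Value $Commands -Encoding ASCII
    try { diskpart /s $scriptFile }
    finally { Remove-Item $scriptFile -ErrorAction SilentlyContinue }
}

$lines = if ($Live) { Get-DiskpartOutput 'list volume' } else { $SampleOutput }
$volumes = @(ConvertFrom-DiskpartTable $lines)
$volumes | Format-Table -AutoSize

# Anything other than Healthy (or an empty optical drive) needs attention.
$volumes | Where-Object { $_.Status -notin 'Healthy', 'No Media' } | ForEach-Object {
    Write-Warning ("{0} [{1}] type {2} reports status '{3}'" -f `
        $_.'Volume ###', $_.Ltr, $_.Type, $_.Status)
}
```

Column offsets are taken from the dashed row instead of being hard-coded, so the parser keeps working if the column widths differ from the sample.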


THE format COMMAND 
The format command formats (or re-formats) the drive using the specified file 
system. This process deletes any data existing on the drive. 

Note: You can convert a FAT drive to NTFS without losing data using the command 
convert volume /fs:ntfs. It is not possible to convert back from NTFS. A 
full backup of the disk should always be taken before converting. 


The basic command is format volume, where volume is a drive letter or volume 
name. The main switches are as follows. 


Switch   Use 

/fs:     Specify the file system (such as NTFS, exFAT, FAT32, or FAT). 

/v:      Enter a label for the volume. If you do not include this switch, you 
         are prompted for a label when format is complete. 

/q       Perform a quick format (does not scan for bad sectors). 

/a:      Specify the size of allocation units (512, 1024, 2048, 4096, 8192, 
         16K, 32K, 64K). If omitted, the default size depends on the size of 
         the volume. 

/x       Force the volume to dismount. This will cause file errors for users 
         with files open on the volume. 

/c       Enable file compression if using NTFS. It's not usually a good idea 
         to enable compression on the drive root, especially if the drive 
         contains system files. Use folder properties to enable compression 
         on a case-by-case basis. 
Activity 11-6 


Discussing Windows Disk Management 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. If a single physical disk is divided into three partitions, how many different 
file systems can be supported? 


2. What is the difference between the boot partition and the system partition? 


3. What type of partitioning scheme must a disk use if Windows is installed to 
a 64-bit UEFI-based computer? 


4. True or false? A volume or partition MUST be assigned a drive letter to 
access it via Explorer. 


5. You are troubleshooting a problem and find a disk marked as "foreign" listed 
under Drive Management. What does this mean? 


6. A customer with a Windows 10 Home computer contacts you. She stores family 
photos on the computer's hard disk, but says she has read about disk failure and 
worries that they might be at risk. 


Is she right to be concerned and what solutions can you suggest? 
7. Is the command format d: /fs:exfat /q valid? If so, what is its 
effect, and what precaution might you need to take before running it? 


8. Diagnose the configuration and error status shown in this exhibit. 


[Exhibit: Disk Management console. The volume list shows (C:) as Simple, NTFS, Healthy, 
and MIRROR as Mirror, NTFS, Failed Redundancy. Disk 0 is Basic, 63.98 GB, Online, with a 
450 MB Recovery Partition, a 99 MB EFI System Partition, and the 63.45 GB NTFS (C:) 
partition, all Healthy. Disk 1 is Dynamic, 7.97 GB, Online, and holds MIRROR (7.97 GB 
NTFS, Failed Redundancy). A further disk is listed as Missing; it is Dynamic and also 
holds MIRROR (7.97 GB NTFS, Failed Redundancy).] 


(Screenshot used with permission from Microsoft.) 


Examine the screenshot. Can you explain the current configuration, the 
status of the configuration, and next steps to remedy the error? 
Activity 11-7 


Managing Files, Folders, and Disks in 
Windows 


BEFORE YOU BEGIN 
Complete this activity using Hyper-V Manager and the PC1 (Windows 10) and PC2 
(Windows 7) VMs. 


SCENARIO 


In this activity, you will add and configure storage devices for the VMs and use the file 
management tools. 


1. Start the PC2 VM, and sign on as Admin and use Pa$$w0rd for the password. 
Browse system objects and folders to understand the file system hierarchy in 
Windows 7. 

a) Open the Hyper-V Manager window. In the Virtual Machines panel, right-click PC2 
and select Start. Double-click the VM to open the connection window. 

b) Press Ctrl+Alt+End to show the sign-on screen. Select Switch User and then select 
Other User to use a different account to the one shown initially. In the User name 
box, type .\Admin. Type Pa$$w0rd in the Password box, and then press Enter. 


c) On the taskbar, select the Windows Explorer icon. 


d) In the left pane, select the Computer icon. The Computer object contains the drives 
mapped to drive letters. In this case, you can see the boot disk (Local disk C:) and 
removable drives such as the DVD drive (D:). 


e) In the left pane, select the arrow to expand Computer and then select Local disk (C:) 
to show the folders off the root of the C: drive in the main pane. 
Most of the folders shown here are created during the installation of Windows. 

* Program Files/Program Files (x86)—contains the files installed by software 
applications. 

* Users—contains subfolders for each user account, which store user profile 
configuration files and user-generated files. 

* Windows—the files used by Windows itself. 

f) In the left pane, select the Libraries icon. 
User content is designed to be accessed via libraries. A library is a virtual storage 
location that can be configured to show the contents of designated folders. The 
default libraries show the contents of the user's personal profile and the public profile 
for Documents, Music, Pictures, and Videos. 


Note: The Libraries feature is still available in Windows 8/10 but is 
hidden by default. Microsoft now emphasizes the use of OneDrive to store 
documents, rather than the local file system. 


g) From the Start Menu, select the Admin user name. 


This opens another Explorer window showing the full contents of the profile. As you 
can see, there is the folder for the Desktop, as well as ones for Favorites, Saved 
Searches, Downloads, and so on. Each user can create new folders and files within 
their own folders. Creating folders and files outside this area may require 
administrator privileges. 

h) In Explorer, press Alt to show the menu bar and select Tools—Folder 
options—View. Under Advanced settings, select Show hidden files, folders, and 
drives, and uncheck Hide extensions for known file types and Hide protected 
operating system files. 

i) Select Yes to confirm, and then select OK to apply the changes. 

j) In the user folder, look at some of the system files and folders that have been 
revealed: 

* NTUSER contains registry settings related to the user account. 

* AppData contains settings and temporary files related to software applications. 

k) In the navigation pane, select Local Disk (C:). Observe the files and folders that have 
been revealed since you last looked at the object. 

* Recycle Bin—this is the "literal" location of the temporary holding area for 
deleted files. 

* ProgramData—applications can write information to this folder without requiring 
administrator privileges. It is used for configuration settings that apply to all users. 

* System Volume Information—this holds information used by NTFS recovery and 
indexing features, such as system restore points. 

* Pagefile.sys—this is the virtual memory file. 

l) Open the C:\Windows folder. 
This contains the Windows system files. Note particularly the following folders: 

* System32—this contains many drivers and shared libraries (DLLs). As this is a 64-bit 
edition of Windows, there is also a SysWOW64 folder for 32-bit DLLs. 

* winsxs—if you right-click this folder and select Properties you will find it is very 
large (about 6 GB). Unfortunately, you can't do anything to reduce that! This folder 
underpins the system protection features of Windows and allows multiple 
versions of DLLs to co-exist. 


2. Use Hyper-V to create two virtual hard disks and add them to the PC1 VM. 


a) On the HOST PC, in the Hyper-V Manager console, right-click PC1 and select Settings. 

b) In Settings for PC1, in the navigation pane, select SCSI Controller. In the details 
pane, select Hard Drive and then select the Add button. 

c) In the details pane, select the New button. 
The New Virtual Hard Disk Wizard is displayed. Complete the wizard by working 
through the following steps. 

d) If a Before You Begin page appears, check Do not show this page again and select 
Next. 

e) On the Choose Disk Type page, select Dynamically expanding and then click Next. 

f) On the Specify Name and Location page, in the Name box, type RAIDA. In the 
Location box, amend the path to C:\COMPTIA-LABS\TEMP and then select Next. 

g) In the Size box, type 8. Select Finish. 

h) Select the Apply button. 

i) In Settings for PC1, select SCSI Controller again. In the details pane, select Hard 
Drive and then select the Add button. Complete the wizard to configure another 8 GB 
disk named RAIDB. 




Configuring the VM with two additional hard disks. (Screenshot used with permission from 
Microsoft.) 


j) In the Settings for PC1 dialog box, select OK. 


3. Configure a simple partition on one of the new disks. Use NTFS formatting, the 
label LABFILES, and assign drive letter L. 
a) Start PC1 and sign on to the Admin account with the Pa$$w0rd credential. 
b) Right-click Start and select Disk Management. 
A dialog box appears because new disks have been detected. If you look behind the 
dialog box, you should see that the new disks are marked Unknown. 
c) Select OK to initialize the disks using GPT partitioning. 
The new disks are now marked Online. 


d) Right-click the unallocated space on Disk 1 and select New Simple Volume. 
Complete the New Simple Volume wizard by selecting the following options. Select 
Next. 


e) On the Specify Volume Size page, select Next to accept the default value and use all 
available space on the disk. 


f) Select Assign the following drive letter and then select L. Select Next. 


g) From the File system box, leave NTFS selected and verify that Perform a quick 
format is checked. In the Volume label box, type LABFILES 


h) Select Next then Finish. 


When formatting is complete, the partition is marked as Healthy. 
i) Leave the Disk Management console open. 
4. Browse the system objects and folders in Windows 10 to compare them to 
Windows 7. Observe folder permissions to distinguish the permissions set on a 
user folder to those set on a system folder. 

a) On the taskbar, select the File Explorer icon. 

b) Observe that the layout of objects in the navigation pane is different to Windows 7. 
The computer object (This PC) contains the profile folders as well as local drives. The 
Libraries object is "replaced" by OneDrive (though you can show Libraries too). 

c) Browse the Local Disk (C:) drive. Verify that the system folders are the same as 
Windows 7. 

d) Right-click Documents and select Properties. Select the Security tab. Observe that 
the Admin user plus SYSTEM and Administrators group accounts are listed. Each 
account has Full Control. Select Cancel. 

e) Right-click the Windows folder and select Properties. Select the Security tab. 
Observe that there are no individual user accounts listed. Most of the group account 
permissions are not shown (they are allocated special permissions). The Users group 
account can view the folder but cannot make changes. Select Cancel. 


5. Practice performing directory navigation at the command line. 


a) Open a command prompt, then type cd.. and press Enter. 
This changes the prompt focus to the parent directory. 

b) Type cd\ and press Enter to go to the root directory of drive C:. 

c) Enter dir to get a file and directory listing. Is everything displayed? 
Hidden files are not shown. 

d) Enter dir /? to view help for the command. Which switches are required to display 
everything? 
dir /a:hs 

e) Enter dir with the switches required to list hidden files. 


6. In this step, you will identify some of the differences between copy, xcopy, and 
robocopy. You need to copy the contents of the C:\LABFILES folder to a DATA 
folder on the L drive. The DATA folder does not currently exist. 


a) Run the following command and note the errors: 
copy C:\LABFILES\* L:\DATA\ 

b) Try the following command: 
copy C:\LABFILES\* L:\DATA 

c) Look at the last message in the output—does it seem odd? Browse the L drive in 
Explorer. You will see a DATA file with no extension. Open the DATA file in Notepad, 
and verify that the contents of the copied files are shown in this file. Close Notepad and 
delete the DATA file. 

d) Now try the first command again but use xcopy rather than copy: 
xcopy C:\LABFILES\* L:\DATA\ 
Does it work? 
It copies the files but not the subdirectories. 

e) Work out the xcopy command to duplicate completely the contents of C:\LABFILES 
to the L:\DATA folder. What is the command you need to use? 
xcopy C:\LABFILES\* L:\DATA\ /s /e /y 

f) Run the command to verify it works as you expect it to work. 

g) Use the tree L:\DATA command to obtain a directory listing of the folder DATA to 
check you have used XCOPY correctly. 
You should see several subfolders, including some "empty" ones—if you have made a 
mistake, use the rd command to remove the DATA folder. 
Both copy and xcopy are now deprecated in favor of robocopy (robust copy). 

7. Work out the robocopy command to move files smaller than 10 KB from 
the DATA folder to a SmallData folder on the L: drive. 

8. Work out the robocopy command to recreate the directory structure of 
C:\LABFILES within a DataLayout folder on the L: drive. 

9. In this step, you will explore options for configuring software RAID (Redundant 
Array of Independent Disks). Mirroring means that each file write is duplicated to 
two disks. If one disk fails, the volume will continue to work. The drawback is that 
only 50% of the disk space is available. As the next task, reconfigure the LABFILES 
partition as a mirrored volume and mount it as LABFILES to the Public user folder. 

a) Switch to the Disk Management console. Right-click Disk 1 and select Convert to 
Dynamic Disk. In the dialog box, check Disk 2 also and select OK. In the Disks to 
Convert dialog box, select Convert. Confirm by selecting Yes. 

b) Right-click the LABFILES volume and select Add Mirror. In the dialog box, select Disk 
2 then select the Add Mirror button. 

c) Observe that when synching is complete, the volume is marked as Healthy. 
The color-coding of the volume is different to that of the partitions on Disk 0 (the disk 
hosting the system and boot partitions). This color indicates that the volume is 
mirrored. 

d) Right-click the volume and select Change Drive Letter and Paths. Select the Add 
button. Select the Browse button. 

e) Expand C:—Users—Public then select the New Folder button. Type LABFILES and 
press Enter. Select OK to choose the folder. Select OK. 

f) Use File Explorer to browse the C:\Users\Public folder. Note the icon for the 
mounted volume. Open it to check that the files you copied survived the conversion. 


10. Observe the effect on the array of a disk "failure." You can simulate this by 
disabling the disk device. 

a) Right-click Start and select Device Manager. 

b) Expand Disk drives. Right-click the last Microsoft Virtual Disk item in the list and 
select Disable device. Confirm the prompt by selecting Yes. Select Yes to restart. 

c) Sign back on and open the Disk Management console again. Note the status 
messages. 
The volume continues to function using the single device. If the other disk were to fail 
the volume would be lost. When a volume is in this state, make sure it is backed up 
and then try to restore the second disk and rebuild the mirror. 


11. Disk Management is the easiest way to perform disk configuration. However, you 
can also use command line tools. These tools should be used with care! In this 
step, explore the use of diskpart commands. 

a) Open a command prompt, then type diskpart and press Enter to start the disk 
utility. Select Yes at the UAC prompt. 
A new elevated command prompt window is opened. 
b) Type help and press Enter to view a list of commands. 

c) Enter the command list disk 

d) Enter the command select disk 0 followed by detail disk to display 
the configuration of the boot disk. 
This contains three volumes. There is a system reserved volume with no drive letter 
formatted with FAT32 and a boot volume (holding the Windows files) with the drive 
letter C: assigned and formatted with NTFS. There is also a recovery tools partition. All 
volumes are of the partition type. 

e) Enter the command list partition followed by list volume. 
Partitions are configured on hard disks. A volume is often mapped to a single 
partition but as you can see, there are other types of volume, including the optical 
drive and the mirrored volume you created earlier. 



Viewing information about volumes and partitions via diskpart. (Screenshot used with 
permission from Microsoft.) 


f) Enter the command select partition 2 followed by detail 
partition. Verify that the partition is marked system. 

g) Enter the command select volume 3 followed by detail volume to 
show information about the volume's properties. 

h) Enter the command select disk 1 followed by detail disk to display 
the configuration of the remaining disk underpinning the LABFILES volume. 

i) Enter the command select volume 0 followed by detail volume to 
show information about the volume's properties. 
This is the mirrored volume you configured. 

j) Enter assign letter=T to change the drive letter used for the mirrored 
volume. Run list volume to verify the changes. 

k) Type remove mount=C:\Users\Public\LABFILES and press 
Enter. 

l) Type exit then press Enter to quit the utility. Leave the other command prompt 
open. 

m) Observe the changes in Explorer. 
C:\Users\Public\LABFILES is now an ordinary (empty) folder again but the data files 
are still present on drive T. You haven't deleted any information; just changed the way 
it is accessed. 


12. The format utility can be used to format any disk to use the FAT, FAT32, or NTFS 
file system, but the process deletes any existing data or directory structure on the 
drive. Re-format the mirrored volume with the FAT32 file system. 

a) In the original command prompt, type format t: /fs:fat32 and press 
Enter. Observe the error. 

b) Close the command prompt, then select Start and type cmd, then press 
Ctrl+Shift+Enter. Confirm the UAC prompt by selecting Yes. 

c) Type format t: /fs:fat32 and press Enter. 

d) When prompted, confirm the volume label as LABFILES and then confirm the format 
by pressing y and then Enter. 

e) When formatting is complete, enter the volume label as TOOLS and close the 
command prompt window. 

f) Use Windows Explorer to verify that the files and folders you copied to the drive are 
no longer present. 


13. At the end of each activity, you need to close the VMs. You will always discard any 
changes you made. 

a) From the connection window, select Action—Revert. If prompted, select the Revert 
button to confirm. 

b) Repeat to revert the PC2 VM. 

c) On the HOST, open File Explorer and browse to C:\COMPTIA-LABS\TEMP. Press 
Ctrl+A to select all the files and then press Delete. Confirm by selecting the Yes button. 


Note: When a VM is reverted, both changes to the disks and changes to 
settings are discarded. 
Topic F 


Manage Devices in Windows 


EXAM OBJECTIVES COVERED 
1002-1.5 Given a scenario, use Microsoft operating system features and tools. 


1002-1.6 Given a scenario, use Microsoft Windows Control Panel utilities. 


In this topic, you will use the Control Panel and Device Manager to install and configure 
PC peripheral devices and hardware settings under Windows. 


POWER OPTIONS 


Power management allows Windows to selectively reduce or turn off the power 
supplied to hardware components. This is important to avoid wasting energy when the 
computer is on but not being used and to maximize run-time when on battery power. 
Power management requires three compatible components: 


* Hardware—devices that support power management are often labeled Energy Star, 
after the US Environmental Protection Agency scheme. It is important for the CPU, 
motherboard, hard disks, and display screen to support power management. 

* Firmware—almost all chipsets support the power management standard Advanced 
Configuration and Power Interface (ACPI) but you may need to check that it has 
been enabled. 

* Operating System—current versions of Windows provide full ACPI compatibility. 


Note: Power management is more important on mobile devices but can be configured on 
desktops in much the same way. 


One basic feature of ACPI is to support different power-saving modes. The computer 
can be configured to enter a power saving mode automatically; for example, if there is 
no use of an input device for a set period. The user can also put the computer into a 
power-saving state rather than shutting down. 


There are several levels of ACPI power mode, starting with S0 (powered on) and ending
with S5 (soft power off) and G3 (mechanically powered off). In-between these are 
different kinds of power-saving modes: 


* Standby/Suspend to RAM—cuts power to most devices (for example, the CPU, 
monitor, disk drives, and peripherals) but maintains power to the memory. This is 
also referred to as ACPI modes S1-S3. 

* Hibernate/Suspend to Disk—saves any data in memory (open files) to disk (as 
hiberfil.sys in the root of the boot volume) then turns the computer off. This is also 
referred to as ACPI mode S4. 

In Windows, power management is implemented as the sleep and hybrid sleep modes: 

* A laptop goes into the standby state as normal; if running on battery power, it will
switch from standby to hibernate before the battery runs down.

* A desktop creates a hibernation file then goes into the standby state. This is
referred to as hybrid sleep mode. It can also be configured to switch to the full
hibernation state after a defined period.

* Windows 8 supports an alternative mode called Connected Standby or InstantGo,
updated to Modern Standby in Windows 10. These utilize a device's ability to
function in an S0 low-power idle mode to maintain network connectivity without
consuming too much energy. This option is only available with compatible
hardware.


Note: You can also set a specific device (such as the display or hard drive) to enter a 
power-saving state if it goes unused for a defined period (sleep timers). Note that some 
monitors still consume quite a lot of power in standby mode. 


CONFIGURING POWER OPTIONS 


The Power Options Control Panel applet lets you configure power management 
settings via a system of power plans. These enable the user to switch between 
different sets of preconfigured options easily. Each power plan can be customized, or 
new plans can be defined and saved. 


As well as configuring events for the power button or closing the lid of a laptop, the 
"shut down" option in Start Menu can be customized; so clicking the button could 
make the computer sleep while closing the lid could activate the hibernate routine. 
These settings can be defined for all plans (use the Choose what the power button 
does link in the bar on the left shown in the dialog box in the following figure) or on a
per-plan basis (select the plan then configure advanced settings). 




Configuring power management in Windows 7. (Screenshot used with permission from Microsoft.) 


Advanced settings allow you to configure a very wide range of options, including CPU 
states, search and indexing behavior, display brightness, and so on. 


There is no GUI option to disable hibernation (and consequently delete hiberfil.sys). 
This can be done via the command line (powercfg -h off | on).


In Windows 10, you can still configure power plans via the Power Options applet but 
you can also set basic options quickly via the Power & sleep page in Windows Settings. 


DISPLAY AND SOUND DEVICES 


You can configure the way Windows appears through Personalization settings in 
Control Panel/Settings. This allows you to select and customize themes, which set the 
appearance of the desktop environment, such as the wallpaper, screen saver, color 
scheme, and font size used. 
CONFIGURING THE DISPLAY RESOLUTION

Most computers are now used with TFT display screens. These screens are really 
designed to be used only at their native resolution. Windows should detect this and 
configure itself appropriately. If you do need to adjust the resolution, right-click the 
desktop and select Screen resolution (Windows 7) or Display settings (Windows 
8/10). Alternatively, you can open the applets via Control Panel/Settings. 


COLOR DEPTH AND REFRESH RATE 


You might want to change the number of bits used to represent colors at some point; 
perhaps to make a legacy application work better. From the Screen resolution/Display 
settings applet, select Advanced display settings, and then on the Adapter tab for 
the monitor, select List All Modes. Choose an appropriate resolution and color depth 
mode. Windows 8/10 only supports 32-bit color. 


TFTs work at a pre-set refresh rate. If you have a CRT and need to tweak the rate, you 
can do this on the Monitor tab via Advanced display settings. 




Checking the modes supported by a TFT monitor—various resolutions are available but all at 32-bit 
color and 60 Hertz refresh rate. (Screenshot used with permission from Microsoft.) 


SOUND SETTINGS 

Use the Sound applet in Control Panel/Settings to test microphone, headset, or 
speaker hardware and configure settings. 

If you have multiple devices, you can choose the defaults on the Playback and 
Recording tabs and test levels for audio input and output. 


The Communications tab lets you set an option to reduce other sounds if the device 
receives or places a telephone call. The Sounds tab lets you configure which noises 
Windows makes in response to actions and events, such as a calendar reminder or 
warning dialog box. 


Use the icon in the Notification Area to control the volume. 
HARDWARE DEVICE CONFIGURATION AND MANAGEMENT


Most hardware devices use Plug-and-Play. This means that Windows automatically 
detects when a new device is connected, locates drivers for it, and installs and 
configures it, with minimal user input. In some cases, you may need to install the 
hardware vendor's driver before connecting the device. The vendor usually provides a 
setup program to accomplish this. 


Note: When using a 64-bit edition of Windows, you must obtain 64-bit device drivers. 32-bit
drivers will not work.


There may also be circumstances where you need to install a device manually, disable 
or remove a device, or update a device's driver. 


ADD HARDWARE WIZARD 

The Add Hardware/Add a Device wizard (in Control Panel) supports the manual 
addition of devices while Device Manager (in Administrative Tools, the Computer 
Management snap-in, or Control Panel) is used to configure them. 


The precise stages in the Add Hardware or Add a Device wizards are different 
between the various versions of Windows, but in all of them—by selecting the
appropriate options—you can get to the point where you choose which hardware you 
want to install manually. 




Installing a device manually. (Screenshot used with permission from Microsoft.) 


Choose the type of hardware from the list then select from the list of manufacturers 
and models, and Windows will attempt to allocate it resources. 


DEVICES AND PRINTERS 


In Windows 7 and Windows 8, Devices and Printers is the location for the basic
user-configurable settings for peripheral devices attached to the computer. Double-clicking
an icon brings up the device's status page and available configuration options
(referred to as the Device Stage). The shortcut menu for each device also allows you to
set configurable properties, start a troubleshooter (devices with a warning icon are not
working properly), or remove the device from the computer.




Devices and Printers in Windows 7. (Screenshot used with permission from Microsoft.) 


THE DEVICES PAGE 


In Windows 10, the Devices page in Windows Settings provides options for adding and 
configuring peripherals. 




Devices page within the Windows 10 Settings app. (Screenshot used with permission from Microsoft.) 
DEVICE MANAGER


When you have installed a device, check that it works. It is a good sign if the device is 
recognized by Windows, but you should still perform a functional test. For example, 
print a test page when installing a printer, test file copy when installing removable 
media, or test audio and video playback when installing multimedia devices. 


Device Manager (devmgmt.msc) allows you to view and edit the properties of
installed hardware. You can change device settings, update drivers, and resolve any 
known conflicts. 


VERIFYING DEVICE INSTALLATION 


Beyond installation of its driver, a device's configuration will include an interrupt 
address (IRQ) and various other properties, including memory addresses and I/O 
ranges. All hardware devices need a unique configuration so that they can 
communicate with the processor and other system components. Hopefully, if all your 
devices are fairly recent, Windows will be able to detect them and install them 
properly. There may be circumstances where you need to check the system resources 
assigned to a device, however. You can use the View menu in Device Manager to see 
which resources are assigned to which device. 




Managing hardware with the Device Manager in Windows 10. (Screenshot used with permission from 
Microsoft.) 


UPDATING AND TROUBLESHOOTING A DEVICE 

Sometimes Windows can determine a device's type and function, but cannot locate a 
driver for the device (perhaps there is no driver included on the Windows setup media 
or in Windows Update). In this case, you may find an "Unknown Device" or device of a 
"generic" type listed in the Device Manager with a yellow exclamation mark indicating a 
problem. 


If the device has never worked, check that it (or the driver installed) is compatible with 
the OS. Manufacturers often release updated drivers to fix known problems. The 
update can normally be obtained as a download from the support area of the
manufacturer's website. Once downloaded, the driver may come with a setup program 
to install it or may need to be installed manually. 


Note: If a device is not working properly, a warning message is usually displayed in the
notification area.


To update or troubleshoot a device manually, in the Device Manager hardware tree,
locate the device, right-click it, and select Properties to display the device settings. The
General tab displays status information for the device. Use the Update Driver button
on the Drivers tab to install a new driver.




Using device properties to investigate driver version. (Screenshot used with permission from Microsoft.) 


Note: When installing drivers, always check the laptop (or PC) vendor's site for an OEM 
version of the driver first. Devices used by system builders can be slightly different from 
retail versions and may need a different driver to work properly with the chipset and 
firmware. This is more often the case with laptops than desktop PCs. 


If a device supports Plug-and-Play and is hot swappable, you can remove it from the
computer without having to uninstall it. Before removing a storage device, close any
applications that might be using it, then select the Safely Remove Hardware icon
in the notification area on the taskbar and choose the option to stop or eject the
device. Otherwise, you can uninstall a device prior to physically removing it by
right-clicking in Device Manager and selecting Uninstall.


Using Device Manager to uninstall a device. (Screenshot used with permission from Microsoft.) 


There is also an option in Device Manager to Disable a device, which you might use if it
is not working with the current driver and you want to make it inaccessible to users while
you find a replacement, or to improve system security by disabling unused devices
(such as modems). Disabled devices are shown with a down arrow.
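
The checks described in this section (devices flagged with a problem, disabled devices, and the Provider, Date, Version, and Digital Signer fields on the Driver tab) can also be gathered for every device at once from PowerShell. This is an added example, not part of the course text; the function names and the $ProblemText table are the example's own, and only a few problem codes are listed.

```powershell
# Added example, not part of the course text. Needs PowerShell 3.0 or later.
# Function names and the $ProblemText table are this example's own.

# A few Device Manager problem codes (Win32_PnPEntity.ConfigManagerErrorCode).
$ProblemText = @{
    1  = 'Device is not configured correctly'
    10 = 'Device cannot start'
    22 = 'Device is disabled (down arrow in Device Manager)'
    28 = 'Drivers for this device are not installed'
}

function Get-ProblemDevice {
    # Code 0 means the device is working; any other code is a flagged device.
    Get-CimInstance -ClassName Win32_PnPEntity |
        Where-Object { $_.ConfigManagerErrorCode -gt 0 } |
        ForEach-Object {
            $code    = [int]$_.ConfigManagerErrorCode
            $meaning = 'Other problem: check the General tab status text'
            if ($ProblemText.ContainsKey($code)) { $meaning = $ProblemText[$code] }
            [pscustomobject]@{
                Name         = $_.Name
                Manufacturer = $_.Manufacturer
                Code         = $code
                Meaning      = $meaning
                DeviceId     = $_.PNPDeviceID
            }
        }
}

function Get-DriverDetail {
    # Same fields as the Driver tab, for every device whose name matches.
    param([string]$DeviceName = '*')

    Get-CimInstance -ClassName Win32_PnPSignedDriver |
        Where-Object { $_.DeviceName -like $DeviceName } |
        Select-Object DeviceName,
                      @{ Name = 'Provider';      Expression = { $_.DriverProviderName } },
                      DriverDate,
                      DriverVersion,
                      @{ Name = 'DigitalSigner'; Expression = { $_.Signer } },
                      IsSigned,
                      InfName |
        Sort-Object IsSigned, DeviceName    # unsigned drivers sort to the top
}

# Devices that would show a warning or a down arrow in Device Manager.
Get-ProblemDevice | Format-Table -AutoSize

# Driver details for one device class, then any driver without a signature.
Get-DriverDetail -DeviceName '*Keyboard*' | Format-List
Get-DriverDetail | Where-Object { -not $_.IsSigned } | Format-Table -AutoSize
```

A device reported with code 22 is one that has been disabled, which is expected for hardware that was turned off deliberately; an unsigned driver is worth checking against the vendor's current release.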


HARDWARE DIAGNOSTICS 


If you cannot diagnose a hardware driver or configuration problem via Device 
Manager, there are other tools you can use to get more information. 


TROUBLESHOOTING APP 

Windows is bundled with a number of automated troubleshooting utilities. These 
guide you through the process of installing and configuring a device correctly. The 
troubleshooters are available from Control Panel in Windows 7 or the Settings app in 
Windows 10. 


Selection of the troubleshooting tools in Windows 10. (Screenshot used with permission from 
Microsoft.) 


SYSTEM INFORMATION 


The System Information (msinfo32) application provides a Windows interface to
some of the configuration information contained in the registry. 


Category               Description

System Summary         Information about operating system and firmware versions
                       and registration details.

Hardware Resources     The I/O, IRQ, and memory address settings used by the CPU to
                       communicate with a component.

Components             A detailed list of all running devices, including configuration
                       information such as IRQ.

Software Environment   Various information including drivers, environment settings,
                       and network connections.


Note: It's msinfo32 even if you're using a 64-bit version of Windows—there is no
such thing as "msinfo64." 


System Information. (Screenshot used with permission from Microsoft.) 


DirectX DIAGNOSTIC TOOL 


The DirectX Diagnostic Tool (dxdiag) displays a report on the system's DirectX 
configuration, which determines its ability to support 3D graphics and sound. 




DirectX Diagnostic Tool. (Screenshot used with permission from Microsoft.) 
Activity 11-8


Discussing Windows Device 
Management 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. You are supporting a user with a Windows 10 Home PC. The user has installed a 
computer game, but the game will not run. The computer is fitted with a 
dedicated graphics adapter. You determine that the adapter driver should be 
updated, but there is no newer driver available via Windows Update. 


How should you proceed? 


2. You are supporting a user who has installed a vendor keyboard driver. The 
keyboard no longer functions correctly. 


Under Windows 10, what are the steps to revert to the previous driver? 


3. A Windows 7 Professional user is trying to join a video conference and cannot
hear any sound from her headset or the computer's built-in speakers. 


Which tool can you suggest using to try to remedy the fault? 
4. You are troubleshooting an issue with a wireless adapter. When you open Device
Manager, you find the device's icon is shown with a down arrow superimposed.


What does this mean and why might this configuration have been imposed?


5. Identify how to open the tool shown in this exhibit. (Screenshot used with
permission from Microsoft.)


[Exhibit: System Information window with Hardware Resources expanded, listing IRQ
assignments by device.]


What single word command can you use to open the tool shown in the
exhibit? For what sort of troubleshooting task might you need to use the
information shown?


6. You are assisting a laptop user. While she was away from her desk, the laptop has
powered off. The user was in the middle of working on a file and had forgotten to
save changes.


Can you reassure her and advise on the best course of action? 
Summary


In this lesson, you supported operating systems. By increasing your familiarity with the 
types of operating systems in use, as well as the tools and capabilities of each, you are 
well on the way to gaining the knowledge and expertise expected of an A+ technician. 


Which versions of Windows do you expect to support? 


Which part of the CompTIA A+ Troubleshooting Model do you expect to find most 
challenging, and why? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 
Lesson 12


Maintaining and Troubleshooting Microsoft 
Windows 


LESSON INTRODUCTION 


You have learned to use tools and features to install and configure devices and manage disks and 
file systems. These tasks are important but they are not the reason people and companies use 
computers. Computers are useful devices because they run different kinds of software 
applications. In this lesson, you will learn how to install and configure software in Windows. 


Using the computer effectively also brings up the issues of performance and availability. If the 
computer is slow or unresponsive, users cannot work efficiently. This lesson will also show you 
how to monitor system performance and troubleshoot Windows OS problems. 


LESSON OBJECTIVES 


In this lesson, you will: 
* Install and manage Windows applications.

* Manage Windows performance.

* Troubleshoot Windows issues.
Topic A


Install and Manage Windows 
Applications 


EXAM OBJECTIVES COVERED 
1002-1.4 Given a scenario, use appropriate Microsoft command-line tools.


1002-1.5 Given a scenario, use Microsoft operating system features and tools. 
1002-1.6 Given a scenario, use Microsoft Windows Control Panel utilities. 
1002-1.7 Summarize application installation and configuration concepts. 


Installing and configuring software applications is a crucial part of the IT support role. 
In this topic, you will learn the tools and features used in Windows® to follow best 
practices for software management. You will also use Task Manager to examine 
processes and performance of the operating system and applications. 


APPLICATION INSTALLATION AND CONFIGURATION 


When you are selecting, installing, and configuring software applications, you need to 
consider both compatibility and security concepts. 


OS REQUIREMENTS (COMPATIBILITY) 

Every software application is designed to run under a specific operating system. When 
purchasing, you need to make sure you select the version for your OS. You cannot 
purchase software for macOS® and then run it on Windows. Additionally, a software 
application might not be supported for use under newer operating systems. For 
example, if you have been using version 1 of the Widget App on Windows 7 and you 
subsequently upgrade to Windows 10, the Widget App might need to be upgraded to 
version 2 for full compatibility. 


SYSTEM REQUIREMENTS 

System requirements refers to the PC specification required to run the application. 
Some applications, such as 3D games, may have high requirements for CPU and GPU 
(graphics). There will also be specific RAM and disk space requirements: 


* Random Access Memory (RAM)—most applications will require at least 2 GB of 
system memory. 

* Drive space—applications can have quite high disk space requirements. For 
example, Microsoft Office needs at least 3 GB of disk space. 


The application's documentation may specify additional requirements, such as a 
microphone, speakers, or headset. 


INSTALLATION AND DEPLOYMENT OPTIONS 

Most applications are installed from a setup file. The setup file packs the application's 
executable(s), configuration files, and media files within it. During setup, the files are 
extracted and installed to the program directory. A setup file can be distributed on CD/DVD,
it could be run from a USB drive, or it could be downloaded from the Internet.


When an organization wants to deploy an application to a number of desktops, they 
are likely to use a network-based installer. In this scenario, the setup file is simply 
copied to a shared folder on the network and client computers run the setup file from 
the network folder. In Windows, you can use policies—Group Policy Objects (GPO)—
to set a computer to remotely install an application from a network folder without any 
manual intervention from an administrator. Products such as centrally managed 
antivirus suites often support "push" deployment tools to remotely install the client or 
security sensor on each desktop. 


PERMISSIONS AND OTHER SECURITY CONSIDERATIONS 


One advantage of using a tool such as GPO to deploy applications is that a user does 
not have to log on to the local client with administrator privileges. Write/modify 
permissions over folders to which the application executable files are installed are 
restricted to administrator-level accounts. This prevents unauthorized modification of 
the computer or the installation of programs that could threaten security policies. The 
setup file for a deployed application can run using a service account. 


To run an application, the user needs to be granted read/execute permission over the 
application's installation directory. Any files created using the application or custom 
settings/preferences specific to a particular user should be saved to the user's home 
folder/profile rather than the application directory. 


When selecting applications for installation on desktops, proper security 
considerations need to be made in respect of potential impacts to the device 
(computer) and to the network. The principal threat is that of a Trojan Horse; that is, 
software whose true (malicious) purpose is concealed. Such malware is likely to be 
configured to try to steal data or provide covert remote access to the host or network 
once installed. A setup file could also be wittingly or unwittingly infected with a 
computer virus. These security issues can be mitigated by ensuring that software is 
only installed from trusted sources and that the installer code is digitally signed by a 
reputable software publisher. 
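

The two controls described in this section, a signed installer and an installation folder that only administrator-level accounts can change, can both be checked before deployment. The PowerShell below is an added example, not part of the original course text; the function names, the placeholder paths and publisher in the sample calls, and the list of SIDs treated as administrator-level are assumptions.

```powershell
# Added example: pre-deployment checks for a setup file and an installation folder.

function Test-InstallerSignature {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Text expected in the signing certificate's subject (assumption: you know the publisher).
        [Parameter(Mandatory)] [string] $ExpectedPublisher
    )
    $sig     = Get-AuthenticodeSignature -FilePath $Path
    $subject = ''
    if ($sig.SignerCertificate) { $subject = $sig.SignerCertificate.Subject }
    $publisherMatches = $subject.IndexOf($ExpectedPublisher, [System.StringComparison]::OrdinalIgnoreCase) -ge 0

    [pscustomobject]@{
        Path    = $Path
        Status  = $sig.Status   # 'Valid' only when the signature verifies and chains to a trusted root
        Subject = $subject
        Sha256  = (Get-FileHash -Path $Path -Algorithm SHA256).Hash   # record alongside the deployment
        Trusted = ($sig.Status -eq 'Valid') -and $publisherMatches
    }
}

function Get-NonAdminWriteAccess {
    param([Parameter(Mandatory)] [string] $Folder)

    # Well-known SIDs expected to hold write access to program folders (assumed baseline).
    $allowedSids = @(
        'S-1-5-32-544',   # BUILTIN\Administrators
        'S-1-5-18',       # NT AUTHORITY\SYSTEM
        'S-1-3-0',        # CREATOR OWNER (applies only to whoever was already able to create the item)
        'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'   # NT SERVICE\TrustedInstaller
    )

    # Rights that change a folder's contents or permissions, plus GENERIC_WRITE and GENERIC_ALL.
    $writeBits = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
    $writeBits = $writeBits -bor 0x40000000 -bor 0x10000000

    $acl   = Get-Acl -Path $Folder
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

    foreach ($rule in $rules) {
        if ($rule.AccessControlType -ne 'Allow') { continue }
        if ($allowedSids -contains $rule.IdentityReference.Value) { continue }
        if (([int]$rule.FileSystemRights -band $writeBits) -eq 0) { continue }

        # Show a readable account name when the SID can be resolved.
        $principal = $rule.IdentityReference.Value
        try {
            $principal = $rule.IdentityReference.Translate([System.Security.Principal.NTAccount]).Value
        } catch { }

        [pscustomobject]@{
            Folder    = $Folder
            Principal = $principal
            Rights    = $rule.FileSystemRights
            Inherited = $rule.IsInherited
        }
    }
}

# Sample calls (placeholder share, file, publisher, and folder names):
#   Test-InstallerSignature -Path '\\fileserver\deploy\setup.msi' -ExpectedPublisher 'Example Software Ltd'
#   Get-NonAdminWriteAccess -Folder 'C:\Program Files\ExampleApp'
# An empty result from Get-NonAdminWriteAccess means no other principal can modify the folder.
```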


As well as overt malware threats, software could impact the stability and performance 
of a computer or network. The software might consume more CPU and memory 
resource than anticipated or use an excessive amount of network bandwidth. There 
could be compatibility problems with other local or network applications. The software 
could contain unpatched vulnerabilities that could allow worm malware to propagate 
and crash the network. Ideally, applications should be tested in a lab environment 
before being deployed more widely. Research any security advisories associated with 
the software, and ensure that the developer has a robust approach to identifying and 
resolving security issues. 


WINDOWS PROGRAMS AND FEATURES 


In Windows, local applications are installed to the Program Files directory on the boot 
partition (for example, C:\Program Files). Most applications will also write 
configuration data to the registry and may add folders and files to the user's home 
directory (or to the All Users directory for settings shared by all users). To ensure that 
all these folders, files, and registry settings are created correctly, applications should 
be installed and removed using the supplied Setup program. 


Note: Application installation and removal under legacy versions of Windows could 
cause problems if an application changed or removed DLL (Dynamic Link Library) files 
used by other applications, causing them to malfunction. Microsoft introduced the 
Windows Installer Service to mitigate these problems. Most application vendors use setup 
programs that are compliant with Windows Installer (Windows Installer packages 
have .MSI extensions). System Restore can also be configured to create a Restore Point 
automatically upon application installation, adding a further measure of protection. 


64-BIT WINDOWS AND 32-BIT APPLICATIONS 


Many of the software applications available for Windows are still 32-bit. These 
applications can usually be installed under 64-bit versions of Windows. They run within 
a special application environment called WOW64 (Windows on Windows 64-bit). This 
environment replicates the 32-bit environment expected by the application and 
translates its requests into ones that can be processed by the 64-bit CPU, memory, and 
file subsystems. 


In a 64-bit Windows environment, 32-bit application files are installed to the Program 
Files (x86) folder while 64-bit applications are stored in Program Files (unless the user 
chooses custom installation options). Windows' 64-bit shared system files (DLLs and 
EXEs) are stored in %SystemRoot%\system32; that is, the same system folder as 32-bit 
versions of Windows. Files for the 32-bit versions are stored in %SystemRoot%\syswow64. 


Note: A 32-bit version of Windows cannot run 64-bit applications. 


INSTALLING A DESKTOP APPLICATION 
Launch the program's setup application and complete the setup wizard to install it. In 
order to install a program successfully, you should exit any other applications or files. 
You may also need to disable antivirus software. 


USING PROGRAMS AND FEATURES 

Programs and Features allows you to uninstall a program or add or remove 
component features of software such as Microsoft Office. There is also usually a repair 
option, which will reinstall the components of the program. 


Programs and Features—select a program icon then use the options to uninstall, change, or repair. 
(Screenshot used with permission from Microsoft.) 


Note: In order to uninstall a program successfully, you should exit any applications or 
files that might lock files installed by the application or the PC will need to be restarted. 
You may also need to disable antivirus software. If the uninstall program cannot remove 
locked files, it will normally prompt you to check its log file for details (the files and 
directories can then be deleted manually). 


ENABLING WINDOWS FEATURES 

You can use Programs and Features to enable or disable optional Windows 
components. Click the Turn Windows features on or off link then check the boxes for 
the features you want to enable (or uncheck boxes to remove those features). 


Enabling and disabling Windows Features. (Screenshot used with permission from Microsoft.) 


SOFTWARE CONFIGURATION 


Most configuration options for software are quite specific to each program. You can 
use menus such as File—Options, Edit—Preferences, or the Help menu to change 
the configuration settings. 


DEFAULT PROGRAMS 

Use the Default Programs applet to set the programs you wish to use for particular 
tasks or to configure individual file associations (choosing which application is used to 
open files with a particular extension). 


Default Programs applet in Windows 8.1. (Screenshot used with permission from Microsoft.) 


Note: In Windows 10, select Windows Settings—Apps—Default apps. 


COMPATIBILITY MODE 
One of the challenges for Microsoft in releasing a new version of Windows is to provide 
compatibility for hardware and software developed for previous versions. 


Windows provides a degree of support for legacy DOS and Windows 9x programs, and 
each version provides support for earlier 2000/XP/Vista/7/8 versions. The Properties 
dialog box for executable files and the shortcuts to such programs have a 
Compatibility tab. It allows you to configure the program's original operating system 
environment and force it to use compatible display settings. 


Access program compatibility options via the application's executable or shortcut file properties. 
(Screenshot used with permission from Microsoft.) 


Features such as User Account Control and its greater protection for system folders 
(Program Files and the system root), the Aero desktop compositing engine, and 64-bit 
Windows versions have made application compatibility even more challenging. UAC 
problems can be solved by running the program as an administrator, and there is an 
option to turn off advanced desktop compositing effects. There is a Program 
Compatibility Troubleshooter wizard (right-click the shortcut or executable) to help. 


MICROSOFT STORE APPS 

Windows 8 introduces support for a different kind of program, referred to variously as 
a Windows app, Store app, Universal app, or Modern/Metro app. These apps run 
across any kind of Windows device, including Windows-based smartphones and 
tablets. Windows apps are not installed via Programs and Features but via the 
Microsoft Store. 


Users must sign into the Microsoft Store using a Microsoft account. Apps can be 
transferred between any Windows device where the user signs in with that Microsoft 
account. 


Microsoft Store. (Screenshot used with permission from Microsoft.) 


Unlike desktop applications, store apps run in a restrictive sandbox. This sandbox is 
designed to prevent a store app from making system-wide changes and prevent a 
faulty store app from "crashing" the whole OS or interfering with other apps and 
applications. This extra level of protection means that users with only standard 
permissions are allowed to install store apps. Installing a store app does not require 
confirmation with UAC or computer administrator-level privileges. 


Apps can be uninstalled via the app's shortcut menu on the Start Screen. You can 
choose to uninstall an app from that device only or from all devices, wiping any data 
stored by the app in your account in the process. 


APPLICATION AND PRINT SERVICES 


A service is a Windows process that does not require any sort of user interaction and 
so runs in the background (without a window). Services provide functionality for many 
parts of the Windows OS, such as allowing logon, browsing the network, or indexing 
file details to optimize searches. Services may be installed by Windows and by other 
applications, such as antivirus, database, or backup software. 


SERVICES CONSOLE 


You might want to disable non-essential services to improve performance or security. 
You can prevent a service from running at startup by setting it to Manual or prevent it 
from running completely by setting it to Disabled. Note that this may cause problems 
if other services depend upon it. If something is not working properly, you should 
check that any services it depends upon are started. 


Managing services using the Computer Management console. (Screenshot used with permission from 
Microsoft.) 


To configure services, open the Computer Management console, then expand 
Services and Applications from the tree and click the Services icon. Alternatively, you 
can run the services.msc command. The services snap-in displays a list of installed 
services in the right-hand panel. Clicking a service displays information about it in the 
left-hand panel. The shortcut menu for a service allows you to start, stop, pause/ 
resume, or restart (stop then start). 


PRINT MANAGEMENT 


If you use Windows to host a printer (acting as a print server), you need to make 
drivers available for the different client operating systems that may be connecting to 
the printer. Windows comes with a Print Management snap-in (in Administrative 
Tools), where you can manage drivers and monitor the status of printers. 


Print Management (Windows 7). (Screenshot used with permission from Microsoft.) 


Note: Print Management is not available in the Home editions. 


COMPONENT SERVICES 

The Component Object Model (COM+, Distributed COM [DCOM], and ActiveX) is a 
means for developers to link software applications and leverage Windows services. For 
example, COM OLE (Object Linking and Embedding) allows an Excel® spreadsheet to be 
saved within a Word document or a custom software application could use COM to 
write to the event log. The Component Services snap-in (accessed via Administrative 
Tools) enables you to register new server applications or reconfigure security 
permissions for existing services. 


DATA SOURCES 

The Data Sources or ODBC Data Sources snap-in (from Administrative Tools) 
enables you to control data connections set up on the local computer. A data source 
allows a client application to share data from a server application. For example, an 
Excel spreadsheet could be set up with a data connection to an SQL Server®. 


Checking available drivers using the Data Sources snap-in. (Screenshot used with permission from 
Microsoft.) 


An Open Database Connectivity (ODBC) data source consists of a driver for the server 
application plus the location of the data (a file or a server). You may also need to 
supply the table name and logon credentials. Typically, drivers get added when an 
application is installed. 


Users can set up new data sources using the My Data Sources folder that gets added 
within their Documents folder in their profile. 


TASK MANAGER 


The Task Manager utility (taskmgr.exe) allows the user to shut down applications 
that are not responding. An ordinary user can end an unresponsive application that 
they ran initially, but administrative rights are required to end processes that were not 
started by the user. This protects the system by ensuring malware cannot disable 
antivirus software or other protections. In addition to this functionality, Task Manager 
can be used to monitor the PC's key resources. The quickest way to open Task 
Manager is to press Ctrl+Shift+Esc. 


Note: Other ways to open Task Manager include pressing Ctrl+Alt+Del and selecting 
Task Manager, right-clicking the taskbar, and running taskmgr.exe. 


Task Manager has been significantly overhauled in Windows 8 and Windows 10. First 
we examine the Windows 7 version and the Windows 10 version follows after. 


APPLICATIONS TAB 

The Applications tab shows applications currently running in a desktop window. The 
shortcut menu for each allows you to force the application to close (End Task), manage 
its window, and show the process associated with the application. 


Windows 7 Task Manager—Applications tab. (Screenshot used with permission from Microsoft.) 


If an application is not responding, forcing it to close may result in the loss of any 
unsaved data. You are prompted to confirm what you want to do. 


Program not responding dialog box. (Screenshot used with permission from Microsoft.) 


Some applications, including Microsoft Office ones, can try to recover unsaved 
information from autosave and temp files. 


PROCESSES TAB 
The Processes tab shows CPU utilization and memory usage for each process. 


Windows 7 Task Manager—Processes tab. (Screenshot used with permission from Microsoft.) 


To view system-level processes (those not running under the logged-on user account), 
you must select the Show processes from all users option. 


You would examine these values to discover whether a particular application was 
misbehaving. For example, an application may "leak" memory by not freeing it up 
when it has finished using it. To show more than the default CPU and Memory Usage, 
select View—Select Columns and check the items that you want to look at. 


If a process is not responding or if you suspect it is faulty, you can right-click and select 
End Process to terminate it. 


In some circumstances, you may want to privilege one task over another, or 
conversely, set one task to have fewer resources than others. You can do this by right-clicking 
the process and choosing an option from the Set Priority submenu. For 
example, if you had a Voice over IP application and its priority was not already set to 
Above normal, changing its priority might improve call quality as the CPU would 
privilege that process over ones set to any other level. 


Note: As with other administrative tools, some settings in Task Manager (such as 
showing system level processes) are not available unless you run the tool with 
administrative privileges. 


You can choose to open the folder containing the process and inspect its file 
properties. This can be useful if you suspect a malware infection—you should check 
that the process is installed to a valid location. Sometimes a single process (such as 
svchost.exe) will "host" multiple services; conversely, there may be multiple versions of 
the process running. You can use the Go to Service(s) option in the process's shortcut 
menu to view them. 
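

One way to carry out the location check described above for several processes at once, as an added PowerShell example that is not part of the original course text. The function name and the short list of expected folders are assumptions; extend the list for your environment.

```powershell
# Added example: compare where selected system processes are running from with the
# folder Windows installs them to, and list the services each process hosts.

# Expected folders for a few well-known processes. This is a starting list, not a complete one.
$ExpectedLocation = @{
    'svchost.exe'  = Join-Path $env:SystemRoot 'System32'
    'services.exe' = Join-Path $env:SystemRoot 'System32'
    'lsass.exe'    = Join-Path $env:SystemRoot 'System32'
    'explorer.exe' = $env:SystemRoot
}

function Get-ProcessLocationReport {
    # Index running services by the PID of their host process (the Go to Service(s) view).
    $servicesByPid = @{}
    foreach ($svc in Get-CimInstance -ClassName Win32_Service -Filter "State = 'Running'") {
        $hostPid = [int]$svc.ProcessId
        if (-not $servicesByPid.ContainsKey($hostPid)) { $servicesByPid[$hostPid] = @() }
        $servicesByPid[$hostPid] += $svc.Name
    }

    foreach ($proc in Get-CimInstance -ClassName Win32_Process) {
        # Only report on the image names we have an expected folder for.
        if (-not $proc.Name -or -not $ExpectedLocation.ContainsKey($proc.Name)) { continue }

        if ([string]::IsNullOrEmpty($proc.ExecutablePath)) {
            # Without elevation, the path of protected or other users' processes is not returned.
            $verdict = 'PATH UNAVAILABLE (run elevated)'
        }
        elseif ((Split-Path -Path $proc.ExecutablePath -Parent) -eq $ExpectedLocation[$proc.Name]) {
            # String -eq is case-insensitive, so C:\WINDOWS\system32 matches C:\Windows\System32.
            $verdict = 'OK'
        }
        else {
            $verdict = 'UNEXPECTED LOCATION'
        }

        [pscustomobject]@{
            Name     = $proc.Name
            PID      = $proc.ProcessId
            Path     = $proc.ExecutablePath
            Services = ($servicesByPid[[int]$proc.ProcessId] -join ', ')
            Verdict  = $verdict
        }
    }
}

Get-ProcessLocationReport | Sort-Object Verdict, Name | Format-Table -AutoSize
```

A row marked UNEXPECTED LOCATION is a prompt to inspect the file's properties and signature, not proof of infection on its own.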


Note: Use the File menu to launch a new process. You can choose to launch the process 
with administrative privileges by checking the box. 


SERVICES TAB 

You can use the Services tab to show which services are running, start and stop 
services, or open the services management console. Each running service is associated 
with a host process through its Process ID (PID). You can use the Go to Process 
option in the process's shortcut menu to view it. 


Windows 7 Task Manager—Services tab. (Screenshot used with permission from Microsoft.) 


PERFORMANCE TAB 

The Processes tab shows which applications might be using (or over-using) system 
resources. You can also use Task Manager to get a snapshot of overall system 
performance. Select the Performance tab to view resource usage. On a system with 
multiple processors, you should see multiple graphs for CPU Usage (one for each CPU). 
If this is not the case, select View—>CPU History—One Graph per CPU. Note that 
physical, multicore, and HyperThreaded processors are all represented. 


Windows 7 Task Manager—Performance tab. (Screenshot used with permission from Microsoft.) 


The following memory usage is displayed: 


* Physical Memory—usage of system RAM (not including the pagefile). 

* Kernel Memory—physical and paged memory used by Windows core files. 

* System summary—showing handles, threads, and processes (software objects 
being managed by the CPU), system uptime, and the commit charge (overall 
memory usage, including physical memory and pagefile). 


High peak values are nothing to worry about, but consistently high utilization means 
that you should consider adding more resources to the system (or run fewer 
processes!). CPU and physical memory obviously require physical upgrades. Windows 
will normally change the pagefile dynamically if it is running out of space. If it has been 
set manually, you should increase it using the Performance Settings button on the 
Advanced page of System Properties. 


Note: If the commit charge exceeds total physical memory, then performance will suffer 
as the system will be using the disk-based pagefile extensively. You need to multiply the 
commit charge (measured here in gigabytes) by 1024 to compare to physical memory 
(measured in megabytes). 


There is also a link to Resource Monitor, which shows additional live performance 
information. 


NETWORKING TAB 

The Networking tab shows the status and utilization of the network adapter(s). 
Utilization is expressed as a percentage, so if the link is 10 Gbps (as shown), 10% 
utilization shows that the computer is transferring about 1 Gbps currently. 


Windows 7 Task Manager—Networking tab. (Screenshot used with permission from Microsoft.) 


USERS TAB 


The Users tab shows who is logged on to the machine. An administrator can 
disconnect or log off other users or send them a notification (to inform them that the 
computer will be shut down, for instance). 


WINDOWS 10 TASK MANAGER 


In Windows 10, you can open Task Manager via the Ctrl+Shift+Esc key combo, by 
right-clicking the taskbar, or by using the Windows+X menu. Task Manager may start 
in a "compact" mode; click the Show details button to expand it. 


Note: Task Manager in Windows 8 is essentially the same as in Windows 10. 


In Windows 10, the functions of the Applications and Processes tabs are consolidated 
across the Processes and Details tabs. On the Processes tab, you can expand each 
app or background process to view its sub-processes and view more clearly what 
resources each is taking up. 


The shortcut menu allows you to end a task. There is also an option to search for 
information about the process online. Another option is to view more information 
about a process via the Details tab. You can identify services associated with a process 
via the shortcut menu on the Details tab. 


Windows 10 Task Manager—Processes tab. (Screenshot used with permission from Microsoft.) 


The Performance tab provides more information about the CPU, memory, disk, and 
network subsystems, while the App History tab shows usage information for Windows 
Store apps. 


Windows 10 Task Manager—Performance tab. (Screenshot used with permission from Microsoft.) 


The Users tab lets you see who is logged on (and allows you to send them a message 
or sign them out) plus information about the processes they are running and the 
resource utilization associated with their account. 


Windows 10 Task Manager—Users tab. (Screenshot used with permission from Microsoft.) 


The Startup tab lets you disable programs added to the Startup folder (type 
shell:startup at the Run dialog box to access this) or set to run using the 
registry. Right-click the headers and select Startup type to show how the program is 
launched. It also shows how much impact each item has on boot times. 
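

The same information can be gathered from a PowerShell prompt. This added example (not part of the original course text) lists Startup-folder items and registry-launched programs in one table; the function names are hypothetical, and the Run/RunOnce registry paths are the standard Windows locations, which the text above does not name.

```powershell
# Added example: list programs launched at sign-in from the Startup folders and the registry.

function New-StartupRecord {
    param([string] $Type, [string] $Source, [string] $Name, [string] $Command)
    # Registry values may contain unexpanded variables such as %LOCALAPPDATA%.
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    [pscustomobject]@{
        Type          = $Type
        Source        = $Source
        Name          = $Name
        Command       = $expanded
        # Review hint: the target lives where a standard user can write, unlike Program Files.
        InUserProfile = $expanded.IndexOf($env:USERPROFILE, [System.StringComparison]::OrdinalIgnoreCase) -ge 0
    }
}

function Get-StartupEntry {
    # Machine-wide (HKLM) and current-user (HKCU) keys; WOW6432Node holds 32-bit entries on 64-bit Windows.
    $runKeys = @(
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($key in $runKeys) {
        if (-not (Test-Path -Path $key)) { continue }
        $regKey = Get-Item -Path $key
        foreach ($valueName in $regKey.GetValueNames()) {
            New-StartupRecord -Type 'Registry' -Source $key -Name $valueName -Command $regKey.GetValue($valueName)
        }
    }

    # Per-user Startup folder (what shell:startup opens) and the all-users Startup folder.
    $shell   = New-Object -ComObject WScript.Shell
    $folders = @(
        [Environment]::GetFolderPath('Startup'),
        [Environment]::GetFolderPath('CommonStartup')
    )
    foreach ($folder in $folders) {
        if (-not $folder -or -not (Test-Path -Path $folder)) { continue }
        foreach ($file in Get-ChildItem -Path $folder -File) {
            # Resolve shortcuts so the report shows the program that actually runs.
            $target = $file.FullName
            if ($file.Extension -eq '.lnk') { $target = $shell.CreateShortcut($file.FullName).TargetPath }
            New-StartupRecord -Type 'Startup folder' -Source $folder -Name $file.Name -Command $target
        }
    }
}

Get-StartupEntry | Sort-Object Type, Source | Format-Table -AutoSize -Wrap
```

The HKCU keys and the per-user Startup folder are read for the account running the script, so run it in the affected user's session when investigating a support call.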


The tasklist and taskkill Commands 


You can also identify which service is running in which process (and vice versa) at a 


command line using the tasklist command. tasklist shows a list of processes 
(images) along with a PID, session name and number, and memory usage (in kilobytes). 
You can run the command with the / £ i switch to apply various filters (for example, 


tasklist /fi 


"memusage gt 150000" shows processes using more than 


150 MB)—check the online help for details. Using tasklist /svc shows alist of 


services within each process. 


The taskkill command can be used to end processes and services. Use
taskkill /pid processid or taskkill /im ImageName to end a task
by PID or image name respectively. Use the /t switch to also halt any child processes.
The /f switch terminates the process without any user notification (for the user to
save changes, for instance) and will also terminate it even if it is currently displaying a
dialog box. You can run the command with an appropriate filter (/fi
"Criteria"). You can use a PID, image name, service name, or window title or
target multiple images using a filter for CPU time, memory usage, or status ("Not
Responding," for instance).


Note: There may be circumstances when you need to run Explorer with administrative
privileges. To do this, open a command prompt using Run as administrator. Use
taskkill /f /im explorer.exe to terminate the existing Explorer
process, then run explorer.exe again from the same command prompt.

Note: On a network, you can use taskkill and tasklist to manage
processes on a remote computer using the /s switch to identify the remote host (by IP
address or host name) and the /u and /p switches to specify credentials (user name
and password).
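
Before ending a process by PID, it helps to know which services share it. The following is an added example, not part of the course material: it parses the CSV form of the service listing (tasklist /svc /fo csv) and reports what a taskkill on a given PID would take down. The sample output, PIDs, and function names are constructed for illustration.

```python
import csv
import io

# Constructed sample of `tasklist /svc /fo csv` output; the PIDs and service
# groupings are made up for illustration, not captured from a real host.
SAMPLE_TASKLIST_SVC = '''"Image Name","PID","Services"
"System Idle Process","0","N/A"
"System","4","N/A"
"lsass.exe","656","KeyIso,SamSs"
"svchost.exe","892","DcomLaunch,PlugPlay,Power"
"svchost.exe","1044","Themes,TrkWks"
"spoolsv.exe","1580","Spooler"
"explorer.exe","3120","N/A"
'''


def parse_tasklist_svc(text):
    """Parse the CSV listing into dicts with image, pid and services keys."""
    rows = []
    reader = csv.reader(io.StringIO(text.strip()))
    next(reader, None)  # skip the header; columns are read by position
    for cols in reader:
        # Ignore blank or malformed lines rather than failing on them.
        if len(cols) < 3 or not cols[1].strip().isdigit():
            continue
        raw = cols[2].strip()
        # "N/A" means the process hosts no services.
        services = [] if raw in ("", "N/A") else [s.strip() for s in raw.split(",")]
        rows.append({"image": cols[0], "pid": int(cols[1]), "services": services})
    return rows


def host_of(service, rows):
    """Return (image, pid) of the process hosting a service, or None."""
    wanted = service.lower()
    for row in rows:
        if wanted in (s.lower() for s in row["services"]):
            return row["image"], row["pid"]
    return None


def kill_impact(pid, rows):
    """Services that stop if this PID is ended; None if the PID is not listed."""
    for row in rows:
        if row["pid"] == pid:
            return row["services"]
    return None


def shared_hosts(rows):
    """PIDs hosting more than one service, where one taskkill stops them all."""
    return {r["pid"]: r["services"] for r in rows if len(r["services"]) > 1}


if __name__ == "__main__":
    listing = parse_tasklist_svc(SAMPLE_TASKLIST_SVC)
    image, pid = host_of("Themes", listing)
    print(f"Themes runs in {image} (PID {pid})")
    print(f"taskkill /pid {pid} would also stop: {kill_impact(pid, listing)}")
    for shared_pid, names in shared_hosts(listing).items():
        print(f"PID {shared_pid} hosts {len(names)} services: {', '.join(names)}")
```
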


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Install and Manage Windows Applications. 
Activity 12-1


Discussing Windows Application 
Management 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. You need to install a desktop application across a network of 500 Windows PCs. 


What is the most efficient means of doing this, and what security 
considerations should you make? 


2. An installer program may present up to three options in Programs and Features. 
Two are Uninstall and Change. 


What is the third? 


3. How would you configure a legacy Windows 98 application to work with 
Windows 10? 


4. You take a support call where the user doesn't understand why a program runs at 
startup when the Startup folder is empty. 


What is the likely cause and how could you verify this? 


5. What additional information is shown on the Users tab in Windows 10 Task 
Manager compared to Windows 7? 
6. You are watching CPU Usage and notice that it often jumps to 100% and then falls
back.


Does this indicate a problem? 
Activity 12-2


Configuring Windows Applications and 
Services 


BEFORE YOU BEGIN 
Complete this activity on the Hyper-V Manager and the PC1 (Windows 10) and PC2 
(Windows 7) VMs. 


SCENARIO 


In this activity, you will explore a software compatibility issue and look at the Services 
snap-in and Task Manager tools. 


1. Windows can run software in an environment that simulates older versions of
Windows to try to solve compatibility problems. On the PC2 VM, use the
C:\LABFILES\pgpfreeware.exe program to explore compatibility troubleshooting
options.

a) Open the Hyper-V Manager window. In the Virtual Machines panel, right-click PC2 
and select Start. Double-click the VM to open the connection window. 


b) Press Ctrl+Alt+End to show the sign-on screen. Select Switch User—Other User to
use a different account to the one shown initially. In the User name box, type
.\Admin. Type Pa$$w0rd in the other box, and then press Enter.


c) Start Windows Explorer and open the C:\LABFILES folder. 
d) Double-click the PGPfreeware.exe file to run it. 


e) Select OK to dismiss the error message. On the taskbar, select the Program 
Compatibility Assistant window icon, and then select the Close button. 


f) Right-click the executable and select Troubleshoot compatibility. 

g) Select Try recommended settings, and then select Start the program. 

h) At the UAC prompt, select Yes to continue with the installation. 
In this instance it is safe to proceed, but on a production network you should be much 
more cautious about installing unsigned software. 

i) Cancel any error messages, but leave the troubleshooter open. 


j) In the Program Compatibility troubleshooter, select Next, and then select No, try
again using different settings.


k) Check The program worked in earlier versions of Windows but won't install or
run now, and then select Next.


l) Select Windows 95 and select Next.

m) Select Start the program.

n) At the UAC prompt, select Yes to continue with the installation.
The program will still not install.

o) Cancel the error messages.


p) In the Program Compatibility troubleshooter, select Next, then select No, report
the problem to Microsoft and check online for a solution.


q) Select the Close button. 


In this instance, the software is just not compatible with Windows 7, and you would 
have to look at the vendor's site for an updated version or create a Windows 9x 
Virtual Machine (VM) to use to run the program. 

2. Open Task Manager, and observe the status information as you run the
HeavyLoad PC "stress test" tool. HeavyLoad is developed by JAM Software
(jam-software.com).

a) Right-click the taskbar and select Start Task Manager. Observe the Applications tab.
You might have some Explorer instances running.
b) Select the Processes tab, and observe the background processes running under the
user account.
c) Select the Performance tab, and observe how much of the VM's resources are
committed just to running Windows itself.
d) Select Options—Always On Top.
e) On the desktop, double-click the HeavyLoad icon.
f) In HeavyLoad, use the Test Options menu or the toolbar buttons to use the following
tests:
* Write Temp File - Enabled.
* Allocate Memory - Enabled.
* Start TreeSize - Disabled.
* Stress GPU - Disabled.




g) Select File—Start Selected Tests. 


h) In Task Manager, verify that CPU Usage graph shows the point at which HeavyLoad 
was launched. 

i) Check the Applications and Processes tabs in Task Manager, and observe the CPU 
and memory utilization for the HeavyLoad.exe process. 


j) Optionally, try starting some of the installed applications, such as Thunderbird or 
Nmap, using the desktop shortcuts. Observe if there is any effect on performance, 
such as taking a long time to display a window (there may not be). 


k) Watch for a Low Disk Space Warning notification as the HeavyLoad temp file
reduces spare disk capacity.


l) In HeavyLoad, select File—Stop Tests. Observe Task Manager as CPU utilization
drops and more memory is made available.


m) Exit the HeavyLoad application. 


3. Use Task Manager to list running services and identify the processes that are
hosting services.

a) Select the Services tab and sort by Status.
Note the number of services is far higher than the number of processes seen
previously. Also note that each service has a PID (Process ID).

b) Select the Processes tab then select the Show processes from all users button.
Services running under the system, local service, and network service machine
accounts are shown.

c) Select View—Select Columns. Check PID and select OK.
Note the number of svchost.exe processes running and that these have the same
PID as many of the services you looked at. Svchost is a generic process for running
many Windows services.

d) Right-click a svchost.exe process and select Go to Service(s) to switch back to the
Services tab. Services running within that svchost.exe process image are selected.
Note that they have the same PID.


4. Some services are essential but others can be disabled to reduce startup time or
make more system memory available. Practice managing services by disabling the
Themes service.

a) In Task Manager, on the Services tab, locate the Themes service. Right-click it and
select Stop Service.
Note the change to the desktop when the service is not running.

With the Themes service disabled, desktop compositing effects are not available, so the
taskbar and window borders look much plainer. (Screenshot used with permission from
Microsoft.)

b) Minimize Task Manager.
c) Open the Computer Management console, expand Services and Applications, and
then select Services in the left pane.
This snap-in lets you manage services. These are Windows and third-party processes
that run in the background to support functions of Windows and third-party
applications. You may choose to disable or enable services to improve performance
or to troubleshoot a problem.

d) Right-click Themes and select Properties.
Note the options available here.

* On the General tab—start, stop, pause, and resume a service and change its
startup type (whether the service runs when Windows starts).
* On the Log On tab—specify the user account used to run the service.
* On the Recovery tab—options for troubleshooting if the service does not start.
* On the Dependencies tab—any relationships to other services.

Note: If the Startup type is Disabled, you cannot start the service. You must
change the Startup type to Automatic or Manual first.

e) On the General tab, select Start, and then select OK.
f) Close any open windows.


5. Start the PC1 VM, and compare the version of Task Manager running on
Windows 10 to the Windows 7 version you have just looked at.

a) Start PC1 and sign on to the Admin account with the Pa$$w0rd credential. 

b) Right-click Start and select Task Manager. 

c) In Task Manager, select More details. 

d) On the Processes tab, examine the list of Apps, Background processes, and 
Windows processes running. 

e) Select the Memory column to list the apps and processes by memory usage. 

f) Select the CPU column to list the apps and processes by CPU usage. 


g) Right-click the app or process using the most CPU resource and then select Go to 
details. 

h) On the Details tab, observe the list of apps and processes listed by executable name.
The highlighted executable is for the process you selected from the Processes tab. 
Information includes the status of a process, its PID (process ID), and resource usage. 
To end a process, you can right-click it and then select End task, or End process tree. 
The latter closes not only the selected task, but all related tasks started by the 
selected task. You can add additional columns by right-clicking the column header 
and then selecting Select columns. 


i) Select the Performance tab. 


You can view the current system performance on this tab in terms of CPU usage, 
memory consumption, disk usage, and network throughput. 


j) On the left, select Disk 0 (C:). 

You can see detailed information about the disk resources. 
k) Select the App history tab.

This tab shows the usage history of installed Windows Store apps. 
l) Select the Startup tab.


This shows information about items configured to run at startup. There may be 
nothing showing here, but typically it shows at least OneDrive and Windows 
Defender. 


m) Select the Users tab. 
This shows information about resource usage on a per-user basis. 
n) Select the Services tab. 


This is a list of all services in the computer, and shows the status (running, stopped) of 
each. Also shown is the PID. 


6. At the end of each activity, you need to close the VMs. You will always discard any
changes you made.


a) From the connection window, select Action—Revert. If you are prompted to confirm, 
select the Revert button. 


b) Repeat to revert the PC2 VM. 
Topic B


Manage Windows Performance 


EXAM OBJECTIVES COVERED
1002-1.5 Given a scenario, use Microsoft operating system features and tools.
1002-1.6 Given a scenario, use Microsoft Windows Control Panel utilities.


Diagnosing the cause of slow performance can be a difficult and frustrating task. You 
need to be able to use the system configuration and monitoring/logging tools to 
capture utilization of system components over time. 


SYSTEM PROPERTIES 


You can obtain a brief overview of some key system information from the System 
Properties applet. You can access this via Control Panel or by right-clicking the 
Computer/This PC object and selecting Properties. The System Properties home 
page displays summary information about the computer, including the processor type 
and installed RAM, plus the Windows edition, product key, and activation status. The 
system settings include network identification and domain membership, hardware 
settings and configuration, user profiles, and performance and recovery options. Select 
the Tasks or Advanced system settings links to access the configuration dialog
boxes.


Windows 7 system properties. (Screenshot used with permission from Microsoft.) 


In Windows 10, the System applet shown in the previous graphic is still available,
though the Performance Information tool has been discontinued, but there is also a
system category within Windows Settings. Some of the system information is available
on the About page.




Windows 10 Settings app showing the About page. (Screenshot used with permission from Microsoft.) 


ADVANCED SYSTEM PROPERTIES 


From the System applet, clicking Advanced system settings opens the System 
Properties dialog box. This allows you to configure remote settings, system protection, 
and advanced settings. 


REMOTE SETTINGS 

The Remote Settings tab enables (or disables) connections to the local PC from
another PC on the network. There are two types of remote connection:

* Remote Assistance means that the local user sends a request to another user on a 
remote computer inviting them to view or control their desktop. 


* Remote Desktop means that the remote user can initiate a connection at any time. 
The remote user needs to sign on to the local machine using an authorized account 
(configured via this dialog box). 


System Properties dialog box—Remote Settings tab in Windows 10. (Screenshot used with permission 
from Microsoft.) 


SYSTEM PROTECTION 


The System Protection tab provides options for configuring the System Restore 
feature. System Restore creates configuration backups. If there are changes or file 
corruptions that damage information in the registry or you want to reverse changes 
made when installing an application or device driver, you can use System Restore to 
reset the system configuration to an earlier point in time. Click Configure to enable or 
disable System Protection and set how much disk space the tool is allowed to use. 


System Properties dialog box—System Protection tab in Windows 10. (Screenshot used with permission 
from Microsoft.) 


ADVANCED SETTINGS 

Upgrading the hardware resources on a system is fine if you have the budget and you 
can find compatible parts, but the rapid changes in computer technology mean that 
PCs and laptops can be very quickly left behind in terms of upgrade potential. There 
are various tweaks that can be made to improve the performance of an older system 
without specifying new hardware. The options on the Advanced tab include the 
following: 

* Performance options, including:
  * Configure desktop visual effects for best appearance or best performance.
  * Virtual Memory (paging).
  * Foreground/Background processing priority (a desktop PC should always be left
    optimized for programs).
* Startup and recovery options.
* Environment variables.
* User Profiles.


System Properties dialog box—Advanced tab in Windows 10. (Screenshot used with permission from 
Microsoft.) 


VIRTUAL MEMORY 


Using virtual memory is a way for the computer to accomplish more than the limits of 
what its physical memory can perform. The computer system uses a portion of the 
hard disk as if it was physical RAM. When all physical memory is filled, the OS can 
transfer some of the least-recently used data from memory to a file on the hard disk 
called the pagefile, thereby freeing up an equivalent amount of space in the memory 
chips for other purposes. When the original data is needed again, the next least- 
recently used data is moved out of RAM onto the hard drive to make room to reimport 
the needed data. 


In Windows systems, the Virtual Memory Manager (VMM) manages the memory
mappings and assignments. Running out of memory would mean that a process might
not be able to start or could crash.


Virtual memory. (Image © 123RF.com.) 


Virtual memory is not nearly as fast as actual memory. Modern DDRx SDRAM DIMMs 
read/write speeds are measured in nanoseconds, whereas hard drive seek, read, and 
write times are measured in milliseconds. If your computer is frequently exceeding its 
physical RAM and having to resort to using a pagefile on disk, adding more physical 
RAM may be the most economical way of effecting a noticeable change in 
performance. 




Configuring virtual memory in Windows 10. (Screenshot used with permission from Microsoft.) 


When tuning the pagefile, keep the following in mind: 


* Windows can manage the pagefile and set an appropriate level. There is very little
point in setting custom values unless you have a specific performance goal or
requirement in mind.

* Each physical disk can have a pagefile of its own. This will allow Windows,
depending on hardware, to concurrently access the paging files and, therefore,
increase performance.

* The pagefile does not have to use contiguous disk space, although performance can
be further enhanced if it does. To ensure that the pagefile uses contiguous space,
you will need to defragment your disk then set the maximum and minimum sizes of
the pagefile to the same value.


Note: If the pagefile is a fixed size but too small, Windows might run out of memory,
which could cause programs to crash. Also, if the pagefile is too small, the system may
not be able to generate a complete crash dump of the memory contents, which will
hamper efforts to troubleshoot system errors.


For more information on pagefile tuning considerations, view Microsoft's Knowledge
Base article
(support.microsoft.com/en-us/help/2860880/how-to-determine-the-appropriate-page-file-size-for-64-bit-versions-of).


WINDOWS PERFORMANCE MANAGEMENT TOOLS 


Windows provides numerous Administrative Tools to monitor system performance. 


* Task Manager—as you have seen, you can use the Performance tab in Task 
Manager to monitor utilization statistics in real time. 

* Resource Monitor—shows an enhanced version of the sort of snapshot monitoring 
provided by Task Manager. You can see graphs of resource performance along 
with key statistics, such as threads started by a process or hard page faults/second. 
Continually rising numbers of either of these can indicate a problem. 

* Reliability Monitor—displays a log of "system stability" events, so you can see at a 
glance whether a particular application has stopped responding frequently. 

* Performance Monitor—configure detailed reports on different system statistics 
and log performance over time. 


PERFORMANCE MONITOR 


Windows Performance Monitor can be used to provide real-time charts of system
resources or can be used to log information to a file for long-term analysis. You can
run the tool from the Administrative Tools folder or Computer Management; you
can also run perfmon.exe.


By monitoring different resources at different times of the day, you can detect 
bottlenecks in a system that are causing problems. It may be that a particular 
application starts freezing for longer and longer periods. This could be caused by a 
number of things. Perhaps it is that the processor is too slow, which would cause the 
requests to take longer; perhaps the hard disk is too slow, which would mean that it 
takes too long for the computer to open and save files; perhaps the application uses a 
network link that has become faulty or congested. 


Performance Monitor in Windows 8.1. (Screenshot used with permission from Microsoft.) 


The performance of the computer could be increased by upgrading any or all of these 
components, but Performance Monitor will help you decide which is critical. 


ADDING OBJECTS, COUNTERS, AND INSTANCES 

Resources, such as memory and disk, are collected into objects. Objects have 
counters, representing different performance statistics, and there can be multiple 
instances of the same type of object. For example, disk performance can be measured 
using the Physical Disk Object, and a useful counter is the Average Queue Length. If 
there are two disks, three instances of this object can be viewed: disk 0, disk 1, and 
disks Total. 


Some of the most commonly used counters are listed here: 


Object | Counter | Description

Processor | % Processor Time | The percentage of time that the processor is executing a non-idle thread. In general terms, this should be low. If it is greater than 85% for a sustained period, you may have a processor bottleneck.

Processor | % Privileged Time, % User Time | If overall processor time is very high (over 85% for sustained periods), it can be helpful to compare these. Privileged time represents system processes, whereas user time is software applications. If privileged time is much higher, it is likely that the CPU is underpowered (it can barely run Windows core processes efficiently).

Physical Disk | % Disk Time | The percentage of elapsed time that the selected disk drive is busy servicing read or write requests. This is a good overall indicator of how busy the disk is. Again, if the average exceeds 85% for a sustained period, you may have a disk problem.

Physical Disk | Average Disk Queue Length | The number of requests outstanding on the disk at the time the performance data is collected. Taken with the preceding counter, this gives a better indicator of disk problems. For example, if the disk queue length is increasing and disk time is high, then you have a disk problem.

Memory | Available Bytes | The amount of memory available—this should not be below about 10% of total system RAM. If available bytes falls continuously, there could be a memory leak (that is, a process that allocates memory but does not release it again).

Memory | Pages/sec | The number of pages read from or written to disk to resolve hard page faults. This means your system is using the paging file. Nothing wrong as long as this is not excessive (averaging above about 50). You probably also want to check the paging file's usage by viewing the paging object itself.

Paging File | % Usage | The amount of the pagefile instance in use in percent. If your paging file is currently 1000 MB on the disk and this figure averages 50%, then it means you might benefit from adding memory (about 500 MB, in fact). Don't forget that if your system pages excessively, then disk performance will suffer—paging is disk intensive.

Notice that it is not always immediately apparent which component is causing a 
problem. Many counters are interrelated and must be viewed with other counters in 
mind. For instance, if your system memory is low, then the disk will likely be slow 
because of excessive paging. 
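
The thresholds from the counter table, applied to a counter log and read together rather than one at a time. This is an added example, not part of the course material. The log is a constructed sample in the PDH-CSV layout that typeperf writes. Treating "sustained" as four consecutive samples, passing total RAM in as a parameter, and the finding names are all assumptions.

```python
import csv
import io

# Constructed counter log in PDH-CSV form; host name and values are made up.
SAMPLE_LOG = r'''
"(PDH-CSV 4.0)","\\PC1\Processor(_Total)\% Processor Time","\\PC1\PhysicalDisk(_Total)\% Disk Time","\\PC1\PhysicalDisk(_Total)\Avg. Disk Queue Length","\\PC1\Memory\Available Bytes","\\PC1\Memory\Pages/sec"
"09/11/2018 18:00:00.000","35","70","1.0","600000000","20"
"09/11/2018 18:00:15.000","40","86","1.5","520000000","45"
"09/11/2018 18:00:30.000","38","90","2.2","450000000","60"
"09/11/2018 18:00:45.000","42","92","3.0","400000000","80"
"09/11/2018 18:01:00.000","37","95","4.1","350000000","95"
"09/11/2018 18:01:15.000","41","97","5.5","300000000","120"
'''


def counter_key(path):
    """Drop the host part: '\\\\PC1\\Memory\\Pages/sec' -> 'Memory\\Pages/sec'."""
    parts = path.lstrip("\\").split("\\")
    return "\\".join(parts[1:])


def load_log(text):
    """Return {counter path without host: [float samples]} from PDH-CSV text."""
    reader = csv.reader(io.StringIO(text.strip()))
    header = next(reader)
    keys = [counter_key(h) for h in header[1:]]  # column 0 is the timestamp
    series = {k: [] for k in keys}
    for row in reader:
        if len(row) != len(header):
            continue
        for key, cell in zip(keys, row[1:]):
            try:
                series[key].append(float(cell))
            except ValueError:
                pass  # blank cell: the counter had no value for that sample
    return series


def pick(series, counter):
    """Find a series by counter name, whatever the object instance is."""
    for key, values in series.items():
        if key.endswith("\\" + counter):
            return values
    raise KeyError(counter)


def sustained_above(values, limit, run):
    """True if at least `run` consecutive samples exceed `limit`."""
    streak = 0
    for v in values:
        streak = streak + 1 if v > limit else 0
        if streak >= run:
            return True
    return False


def assess(series, total_ram_bytes, run=4):
    """Apply the table's thresholds and return a list of finding names."""
    findings = []
    if sustained_above(pick(series, "% Processor Time"), 85, run):
        findings.append("cpu-bottleneck")

    avail = pick(series, "Available Bytes")
    if min(avail) < 0.10 * total_ram_bytes:
        findings.append("memory-low")
    if len(avail) > 1 and all(b < a for a, b in zip(avail, avail[1:])):
        findings.append("possible-memory-leak")  # falls on every sample

    pages = pick(series, "Pages/sec")
    if sum(pages) / len(pages) > 50:
        findings.append("excessive-paging")

    queue = pick(series, "Avg. Disk Queue Length")
    disk_busy = sustained_above(pick(series, "% Disk Time"), 85, run)
    if disk_busy and queue[-1] > queue[0]:
        # Counters are interrelated: a busy disk alongside memory pressure
        # points at paging rather than at the disk itself.
        paging = "memory-low" in findings or "excessive-paging" in findings
        findings.append("disk-busy-from-paging" if paging else "disk-bottleneck")
    return findings


if __name__ == "__main__":
    print(assess(load_log(SAMPLE_LOG), total_ram_bytes=4 * 1024**3))
```
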


LOGGING PERFORMANCE 

In Performance Monitor, you can create log files, referred to as Data Collector Sets, 
to record information for viewing at a later date. You can generate a library of 
performance measurements taken at different times of the day, week, or even year. 
This information can provide a system baseline and then be used to give a longer-term 
view of system performance. There are two types of logs, counter and trace:


* Counter logs allow you to collect statistics about resources, such as memory, disk, 
and processor. These can be used to determine system health and performance. 


* Trace logs can collect statistics about services, providing you with detailed reports 
about resource behavior. In essence, trace logs provide extensions to the Event 
Viewer, logging data that would otherwise be inaccessible. 


Saved log files can be loaded into Performance Monitor from the Reports folder for 
analysis or exported to other programs. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information
and job aids on How to Manage Windows Performance.
Activity 12-3


Discussing Windows Performance 
Management 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. How do you enable a Windows 7 computer to function as a Remote Desktop 
Server? 


2. Why isn't the System Protection feature a substitute for making a backup? 


3. What is the advantage of setting the pagefile to the same minimum and 
maximum sizes? 


4. You have a computer with two SATA disks. You want to evaluate the performance 
of the primary disk. 


How would you select this in Performance Monitor and what might be 
appropriate counters to use? 


5. You are monitoring system performance and notice that a substantial number of 
page faults are occurring. 


Does this indicate that a memory module is faulty?

Topic C


Troubleshoot Windows 


EXAM OBJECTIVES COVERED

1002-1.4 Given a scenario, use appropriate Microsoft command-line tools.
1002-1.5 Given a scenario, use Microsoft operating system features and tools.
1002-3.1 Given a scenario, troubleshoot Microsoft Windows OS problems.


An operating system like Windows provides a lot of information to assist 
troubleshooting, through configuration utilities and event logs. Plenty of tools are 
available to diagnose and recover from different kinds of problems. In this topic, you 
will learn which tools and techniques can help to resolve some of the common 
Windows OS problem symptoms. 


EVENT VIEWER 


When a problem is related to Windows or a software application rather than the 
computer hardware, there will often be an error message associated with the problem. 
This makes troubleshooting simpler as you may only need to find out what the error 
message means using product documentation, the Microsoft Knowledge Base, or 
useful websites and newsgroups. 


The Event Viewer (eventvwr.msc) is a management console snap-in for viewing
and managing system logs. It can also be accessed via Computer Management or 
Administrative Tools. The default page shows a summary of system status, with 
recent error and warning events collected for viewing. 


Windows 10 Event Viewer. (Screenshot used with permission from Microsoft.)

The three-part pane view lets you see the details of the selected event in the bottom
pane without having to open a separate dialog box. The third pane contains useful 
tools for opening log files, filtering, creating a task from an event, and so on. 


DEFAULT LOG FILES 


The principal Windows log files are shown in this table. 


Log File          Description

System Log        Contains information about service load failures, hardware
                  conflicts, driver load failures, and so on.
Security Log      This log holds the audit data for the system.
Application Log   Contains information regarding application errors.
Setup             Records events generated during installation.


The files (application.evtx, security.evtx, system.evtx, and setup.evtx) are stored 
(by default) in the %SystemRoot%\System32\Winevt\Logs\ folder. 


Note: You can also log boot events by using msconfig. This boot log file is saved to 
%SystemRoot%\ntbtlog.txt. It is not shown in Event Viewer, though. 


Each log file has a default maximum size (usually about 20 MB), but you can change 
this by selecting Properties on the appropriate log. This option also allows the 
overwrite option to be set either as overwrite, do not overwrite, or archive (close the 
current file and start a new one). 


Note: Be careful about preserving logs. Many computers have ample free disk space, but 
archive logs can grow very large if left unmonitored. 


There are many other logs, stored under the Applications and Services Logs node. 
You would investigate these when troubleshooting a particular Windows service or 
third-party application. 


EVENT TYPES 


The Event Viewer displays each line or item in the source log file as an event and 
categorizes each event. The types of events are shown here. 


Event             Description

Information       Significant events that describe successful operations, such
                  as a driver or service starting or a document printing.
Warning           Events that may indicate future problems, such as when the
                  system runs low on disk space.
Error             Significant problems, such as service failures and device
                  conflicts.
Critical          An unrecoverable error that made the application or Windows
                  close unexpectedly.
Successful Audit  Security access attempts that were successful.
Failure Audit     Security access attempts that were unsuccessful. This may
                  indicate a possible security breach or simply a user
                  mistyping a password.


More information for each event can be displayed by double-clicking the event in 
question. This displays a screen that contains the date and time of the event, the user 
and computer name, an event ID, source, type, and category, and a description of the 
event and the data in bytes and words. 
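
The logs and event types described above can also be queried from PowerShell with the built-in Get-WinEvent cmdlet. This is an added example, not part of the course material; the two function names are hypothetical, and reading the Security log requires an elevated session.

```powershell
# Added example: summarise recent problem events from the default Windows logs.
# Numeric event levels: 1 = Critical, 2 = Error, 3 = Warning, 4 = Information.

function Get-ProblemEventSummary {
    param(
        [string[]]$LogName = @('System', 'Application', 'Setup'),
        [int[]]$Level = @(1, 2, 3),
        [int]$Hours = 24
    )
    $filter = @{
        LogName   = $LogName
        Level     = $Level
        StartTime = (Get-Date).AddHours(-$Hours)
    }
    # Get-WinEvent reports an error when no event matches, so suppress it
    # and return nothing in that case.
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
    if (-not $events) { return }

    # Collapse repeats: one row per log / source / event ID, newest details kept.
    $events | Group-Object LogName, ProviderName, Id | ForEach-Object {
        $latest = $_.Group | Sort-Object TimeCreated | Select-Object -Last 1
        [pscustomobject]@{
            Count    = $_.Count
            Log      = $latest.LogName
            Level    = $latest.LevelDisplayName
            Source   = $latest.ProviderName
            EventId  = $latest.Id
            LastSeen = $latest.TimeCreated
            Message  = ("$($latest.Message)" -split "`r?`n")[0]
        }
    } | Sort-Object Count -Descending
}

function Get-FailureAuditSummary {
    # Failure Audit events are marked with a keyword rather than a level.
    param([int]$Hours = 24)
    $filter = @{
        LogName   = 'Security'
        Keywords  = 4503599627370496   # standard "Audit Failure" keyword (0x10000000000000)
        StartTime = (Get-Date).AddHours(-$Hours)
    }
    $events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue
    if (-not $events) { return }

    $events | Group-Object Id | Sort-Object Count -Descending | ForEach-Object {
        $times = $_.Group | Measure-Object -Property TimeCreated -Minimum -Maximum
        [pscustomobject]@{
            EventId   = $_.Name
            Count     = $_.Count
            Task      = $_.Group[0].TaskDisplayName
            FirstSeen = $times.Minimum
            LastSeen  = $times.Maximum
        }
    }
}

Get-ProblemEventSummary | Format-Table -AutoSize -Wrap
Get-FailureAuditSummary -Hours 24 | Format-Table -AutoSize
```

A handful of failure audits usually means mistyped passwords; a high count for one event ID over a short FirstSeen to LastSeen window is the pattern worth opening in Event Viewer.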


THE SYSTEM CONFIGURATION UTILITY 


The System Configuration Utility (msconfig) is used to modify various settings
and files that affect the way the computer boots and loads Windows. 


Note: The msconfig tool is frequently used to test various configurations for 
diagnostic purposes, rather than to permanently make configuration changes. Following 
diagnostic testing, permanent changes would typically be made with more appropriate 
tools, such as Services, to change the startup settings of various system services. 


GENERAL TAB 

The General tab allows you to configure the startup mode, choosing between Normal, 
Diagnostic, and a Selective startup, where each portion of the boot sequence can be 
selected. 


System Configuration Utility—General tab. (Screenshot used with permission from Microsoft.)


BOOT TAB
The Boot tab lets you configure basic settings in the Boot Configuration Data (BCD) 
store. 



System Configuration Utility—Boot tab. (Screenshot used with permission from Microsoft.) 


You can change the default OS, add boot options, such as Safe boot, with minimal 
drivers and services, and set the timeout value—the duration for which the boot 
options menu is displayed. To add boot paths you have to use the bcdedit 
command. 


Note: If you are troubleshooting a system that keeps using Safe boot or boots to a 
command prompt, check that one of the previous options has not been made permanent 
in System Configuration. 


SERVICES TAB 


The Services tab lets you choose specifically which services are configured to run at 
startup. The date that a service was disabled is also shown, to make troubleshooting 
easier.


System Configuration Utility—Services tab. (Screenshot used with permission from Microsoft.) 


STARTUP TAB 


In Windows 7, the Startup tab controls the shortcuts that have been placed in the
Startup folder of the Start Menu and startup items that have been written to the
registry.


System Configuration Utility—Startup tab (Windows 7). (Screenshot used with permission from
Microsoft.)

The Start Menu is built from a template containing settings for all users plus shortcuts
customized for the current user profile. The template is stored in
C:\ProgramData\Microsoft\Windows\Start Menu\Programs and the user-specific shortcuts are in
C:\Users\UserName\AppData\Roaming\Microsoft\Windows\Start Menu.


Note: If the computer's performance is sluggish, try disabling startup items, as long as 
they are not providing key services, such as virus protection. 


Windows 8 and Windows 10 use Task Manager as the means of disabling startup 
items. 
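
Startup items can be reviewed from PowerShell on any of these Windows versions. This is an added example, not part of the course material: the function names are hypothetical, and it assumes the standard Run registry keys and the Startup subfolder of each Start Menu Programs folder. It also flags entries whose target file no longer exists.

```powershell
# Added example: list startup items from the all-users and per-user Startup
# folders and the Run registry keys, and flag entries whose target is missing.

function Get-CommandTarget {
    # Pull the executable path out of a startup command line.
    param([string]$CommandLine)
    $text = [Environment]::ExpandEnvironmentVariables("$CommandLine").Trim()
    if ($text -match '^"([^"]+)"') { return $Matches[1] }
    if ($text -match '^(.+?\.(exe|com|bat|cmd|vbs|js|ps1))(\s|$)') { return $Matches[1] }
    return ($text -split '\s+')[0]
}

function Test-CommandTarget {
    param([string]$Target)
    if ([string]::IsNullOrWhiteSpace($Target)) { return $false }
    if (Test-Path -LiteralPath $Target -PathType Leaf -ErrorAction SilentlyContinue) { return $true }
    # Bare names such as rundll32.exe are resolved through PATH.
    return [bool](Get-Command -Name $Target -CommandType Application -ErrorAction SilentlyContinue)
}

function Get-StartupItem {
    $runKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
    )
    foreach ($key in $runKeys) {
        if (-not (Test-Path -Path $key)) { continue }
        $regKey = Get-Item -Path $key
        foreach ($name in $regKey.GetValueNames()) {
            $command = "$($regKey.GetValue($name))"
            $target  = Get-CommandTarget $command
            [pscustomobject]@{
                Location     = $key
                Name         = $name
                Command      = $command
                Target       = $target
                TargetExists = (Test-CommandTarget $target)
            }
        }
    }

    # Startup folders: all users (ProgramData) and the current user (AppData\Roaming).
    $shell   = New-Object -ComObject WScript.Shell
    $folders = @(
        [Environment]::GetFolderPath('CommonStartup'),
        [Environment]::GetFolderPath('Startup')
    )
    foreach ($folder in $folders) {
        if (-not $folder -or -not (Test-Path -LiteralPath $folder)) { continue }
        foreach ($file in Get-ChildItem -LiteralPath $folder -File) {
            # Shortcuts are resolved to the program they launch.
            $target = $file.FullName
            if ($file.Extension -eq '.lnk') {
                $target = $shell.CreateShortcut($file.FullName).TargetPath
            }
            [pscustomobject]@{
                Location     = $folder
                Name         = $file.Name
                Command      = $file.FullName
                Target       = $target
                TargetExists = (Test-CommandTarget $target)
            }
        }
    }
}

Get-StartupItem | Sort-Object TargetExists, Location | Format-Table -AutoSize -Wrap
```

Entries with TargetExists set to False are leftovers from removed software; entries you do not recognise deserve a closer look before anything is disabled.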


TOOLS TAB 


The Tools tab contains shortcuts to various administrative utilities including System 
Information, Configuring UAC, Registry Editor, and so on. 




System Configuration Utility—Tools tab. (Screenshot used with permission from Microsoft.) 


TROUBLESHOOTING TIPS FOR WINDOWS SYSTEM ISSUES 


This section discusses some typical Windows error messages and conditions. 


SLOW SYSTEM PERFORMANCE 

Slow system performance can have many causes. Use Task Manager to determine if 
any resources are at 90-100% utilization and then note which process is most active. 
You may need to identify a particular Windows service running within a 
svchost.exe process (use the PID). Windows Update/Installer, the Superfetch/ 
Prefetch caching engine, and Windows Defender (or third-party security software) are 
often the culprits. 


1. Wait for these processes to complete—if there is a mix of CPU, memory, and disk 
activity, then the process is probably operating normally, if slowly. If there is no 
disk activity or conversely if disk activity does not drop from 100%, the process 
could have stalled.

2. If the process or system continues to be unresponsive, you can either restart the
service or kill the task process.

3. If killing the process doesn't restore system performance, try restarting the 
computer (reboot). The problem could be transitory and might not reoccur. 

4. If the service or process becomes unresponsive again after restarting, disable it
and check with the software vendor for any known problems. 
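
Matching a busy svchost.exe PID to the services it hosts can be done in one step from PowerShell. This is an added example, not part of the course material; the function name is hypothetical and the data comes from the standard Win32_Service class and Get-Process.

```powershell
# Added example: show which Windows services run inside each svchost.exe
# process, busiest process first, so a PID seen in Task Manager can be
# matched to service names.

function Get-SvchostService {
    param(
        # Optional: restrict the report to specific PIDs noted in Task Manager.
        [int[]]$ProcessId
    )

    # Index running services by the PID of their host process.
    # Win32_Service.ProcessId is 0 for services that are not running.
    $byPid = @{}
    foreach ($svc in Get-CimInstance -ClassName Win32_Service -Filter 'ProcessId <> 0') {
        $key = [int]$svc.ProcessId
        if (-not $byPid.ContainsKey($key)) { $byPid[$key] = @() }
        $byPid[$key] += $svc
    }

    $processes = Get-Process -Name svchost -ErrorAction SilentlyContinue
    if ($ProcessId) {
        $processes = $processes | Where-Object { $ProcessId -contains $_.Id }
    }

    $processes | Sort-Object -Property CPU -Descending | ForEach-Object {
        $hosted = $byPid[[int]$_.Id]
        [pscustomobject]@{
            ProcessId    = $_.Id
            # CPU can be empty for protected processes in a non-elevated session.
            CpuSeconds   = [math]::Round([double]$_.CPU, 1)
            WorkingSetMB = [math]::Round($_.WorkingSet64 / 1MB, 1)
            Services     = ($hosted | ForEach-Object { $_.Name }) -join ', '
            DisplayNames = ($hosted | ForEach-Object { $_.DisplayName }) -join '; '
        }
    }
}

Get-SvchostService | Select-Object -First 10 | Format-Table -AutoSize -Wrap
```

From a Command Prompt, `tasklist /svc /fi "imagename eq svchost.exe"` gives the same PID-to-service mapping without the CPU and memory figures.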


If you can't identify any overutilization, consider the following troubleshooting 
techniques and solutions: 


* Apply updates—check for any missing Windows and application updates and install
the latest drivers for hardware devices. 

* Defragment the hard drive—running defrag regularly on a Hard Disk Drive (HDD) 
improves file I/O by putting files into contiguous clusters. Also make sure there is 
sufficient free disk space. 

* Power management issues—if the user has been closing sessions using sleep or 
hibernate, try restarting the computer. Verify that the system is not operating in a 
power-saving mode (CPU throttling). 

* Check for underpowered components—check resource utilization using Task
Manager, Resource Monitor, or (for more extended periods) Performance 
Monitor. If CPU, system memory, disk, or network resources are continually 
stretched then the system will have to be upgraded. 


* Disable application startup—use the System Configuration Utility (msconfig)
or Task Manager to prevent unnecessary services and programs from running at 
startup. If you need to run the services, consider setting them to delayed startup or 
manual startup to avoid slowing down boot times too much. 

* Disable Windows services/applications—if a service is not required and is causing 
problems, you can set it to Disabled to prevent it from being started. Note that 
some security-critical services (such as Windows Update) can be re-enabled 
automatically by the OS. 

* Security scan—scan the computer for viruses and other malware. 

* Check the configuration of antivirus software—while necessary to keep users as
safe as possible from malware, A-V software can have a very harmful effect on 
performance. Try disabling scanning temporarily to test whether performance 
improves. Make sure the software is configured to exclude Windows system files it 
shouldn't scan and configure any exceptions for software applications 
recommended by the vendor. These typically include database files and the image 
files used for virtual hard disks. 


SERVICE FAILS TO START 


If you see a message such as One or more services failed to start during the 
Windows load sequence, check Event Viewer and/or the Services snap-in to identify 
which service has failed. Troubleshooting services can be complex, but bear the 
following general advice in mind: 

* Try to start the service manually—as most computers run a lot of services at 
startup, some can sometimes become "stuck." If a service is not required 
"immediately," it may help to set it to delayed start. 

* Services depend on account permissions to run—make sure that the service has 
sufficient privileges. Check that the service is associated with a valid user or system 
account and that the password configured for the account is correct. 

* Some services depend on other services to run—verify that disabling one service 
has not inadvertently affected others. 

* If a core Windows service is affected, check system files and scan the disk for errors 
and malware. 

* If an application service is affected, try reinstalling the application.

* You may be able to use regsvr32 to re-register the software component (Dynamic
Link Library [DLL]) that the service relies upon. In 64-bit versions of Windows, there
are two versions of regsvr32. The 64-bit version (located in
%SystemRoot%\System32\regsvr32.exe) is called by default and used with 64-bit DLLs.
The 32-bit version is in %SystemRoot%\SysWOW64\regsvr32. Run this version to
re-register 32-bit DLLs.

* Check whether the service is supposed to run—faulty software uninstall routines 
can leave "orphan" registry entries and startup shortcuts. Use the System 
Configuration Utility (msconfig) or Registry Editor (regedit) to look for 
orphaned items. 
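
The checks in the list above (which service failed, which account it runs as, and the state of the services it depends on) can be gathered in one pass. This is an added example, not part of the course material; the function names are hypothetical, and it uses the standard Win32_Service class, Get-Service, and the Service Control Manager source in the System log.

```powershell
# Added example: find automatic services that are not running and report the
# account each one uses and the state of the services it depends on.

function Get-FailedAutoService {
    # Some automatic services are trigger-started and stop again when idle,
    # so a stopped service in this list is a lead to check, not proof of a fault.
    $filter = "StartMode = 'Auto' AND State <> 'Running'"
    foreach ($svc in Get-CimInstance -ClassName Win32_Service -Filter $filter) {
        $controller = Get-Service -Name $svc.Name -ErrorAction SilentlyContinue
        $dependsOn  = @()
        if ($controller) {
            $dependsOn = $controller.ServicesDependedOn |
                ForEach-Object { '{0} ({1})' -f $_.Name, $_.Status }
        }
        [pscustomobject]@{
            Name        = $svc.Name
            DisplayName = $svc.DisplayName
            State       = $svc.State
            ExitCode    = $svc.ExitCode    # last exit code reported by the service
            Account     = $svc.StartName   # account the service logs on as
            DependsOn   = $dependsOn -join ', '
        }
    }
}

function Get-ServiceControlManagerError {
    # Service start failures are logged to the System log by this source.
    param([int]$Days = 7)
    $filter = @{
        LogName      = 'System'
        ProviderName = 'Service Control Manager'
        Level        = 1, 2              # Critical and Error
        StartTime    = (Get-Date).AddDays(-$Days)
    }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, @{
            Name       = 'Message'
            Expression = { ("$($_.Message)" -split "`r?`n")[0] }
        }
}

Get-FailedAutoService | Format-Table -AutoSize -Wrap
Get-ServiceControlManagerError -Days 7 | Format-Table -AutoSize -Wrap
```

A stopped dependency in the DependsOn column points to the service to fix first; an unexpected entry in the Account column is worth checking against the vendor's documented service account.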


TROUBLESHOOTING TIPS FOR APPLICATION ISSUES 


As well as system-wide issues, some errors may be isolated to a particular application 
or file type. 


APPLICATION CRASHES 


If an application crashes, the first priority is to try to preserve any data that was being 
processed. Users should be trained to save regularly, but modern suites such as 
Microsoft Office are configured to save recovery files regularly, minimizing the chance 
of data loss. 

Give the process time to become responsive again and try to establish whether you
need to recover data from temporary files or folders. When you have done all
you can to preserve data, kill the task process. If the application crashes continually, 
check the event logs for any possible causes. Try to identify whether the cause lies in 
processing a particular data file or not. 

If you cannot identify a specific cause of a problem, the generic solution to this type of 
problem is to uninstall then reinstall. Sometimes the Windows installer fails to remove 
every file and registry setting; if this is the case, then following manual uninstall 
instructions might help. 


An uninstall followed by a reinstall can be a lengthy process. Many installers offer a 
Repair option (accessed via Programs and Features). 


PRINTING ISSUES 


Printing issues can involve the printer hardware, network connectivity, or Windows 
settings. If you can discount hardware and network problems, make the following 
checks in Windows: 


1. Use the printer's property dialog box to try printing a test page. If this is
successful, there must be an application or file-specific problem.

2. Open the print queue and check for stalled print jobs.

3. Restart the print spooler service.

4. Check for any driver updates or known issues.

5. Check permissions configured on the printer.

6. Check for disk problems on the partition hosting the spool folder.


BLUE SCREENS AND SPONTANEOUS SHUTDOWNS 


A Blue Screen of Death (BSoD) displays a Windows STOP error. A STOP error is one 
that causes Windows to halt. STOP errors can occur when Windows loads or while it is 
running. Most BSoDs, especially those that occur during startup, are caused by faulty 
hardware or hardware drivers. 


* Use System Restore, or (if you can boot to Safe Mode), Rollback Driver to restore
the system to a working state.

* Remove a recently added hardware device or uninstall a recently installed program.

* Check seating of hardware components and cables.


* Run hardware diagnostics, chkdsk, and scan for malware. 

* Make a note of the stop error code (which will be in the form: Stop: 0x0...) and 
search the Microsoft Knowledge Base (support.microsoft.com/search) for known 
fixes and troubleshooting tips. The various newsgroups accessible from this site 
offer another valuable source of assistance. 




Blue Screen (of Death or BSoD). (Screenshot used with permission from Microsoft.) 


Note: If the system autorestarts after a blue screen and you cannot read the error, press 
F8 after POST to open the Advanced Options menu and select the Disable automatic 
restarts option. This option can also be set from Advanced System 
Properties—Startup and Recovery Settings. 


If a system halts without any sort of error message, there is likely to be a power 
problem or a problem with the CPU. 


TROUBLESHOOTING TIPS FOR FILE AND MEMORY CORRUPTION


Problems with slow performance, application crashes, and blue screens could be 
caused by some sort of file corruption occurring on the disk or in system memory. You 
can use the following tools to verify the integrity of system files and memory hardware. 


SYSTEM FILE CHECKER 


Windows comes with a Windows Resource Protection mechanism to prevent
damage to or malicious use of system files and registry keys and files.

The System File Checker utility (sfc) provides a manual interface for verifying system
files and restoring them from cache if they are found to be corrupt or damaged.
System files (and shared program files) are maintained and version controlled in the
WINSXS system folder. This means that the product media is not called upon, but the
WINSXS folder can consume quite a lot of disk space.


The program can be used from a command line (as Administrator) in the following 
modes: 


* sfc /scannow—runs a scan immediately. 
* sfc /scanonce—schedules a scan when the computer is next restarted. 
* sfc /scanboot—schedules scans whenever the PC boots.


System File Checker utility. (Screenshot used with permission from Microsoft.)


WINDOWS MEMORY DIAGNOSTICS 


Windows includes a Windows Memory Diagnostics tool to test memory chips for 
errors. You can either run the tool from Administrative Tools or boot to Windows 
Preinstallation/Recovery Environment and select Windows Memory Diagnostic. 
Select Restart now and check for problems. The computer will restart and run the 
test. Press F1 if you want to configure test options. 


If errors are found, first check that all the memory modules are correctly seated. 
Remove all the memory modules but one and retest. You should be able to identify the 
faulty board by a process of elimination. If a known-good board is reported faulty, the 
problem is likely to lie in the motherboard.


Windows Memory Diagnostics. (Screenshot used with permission from Microsoft.) 


TROUBLESHOOTING TIPS FOR BOOT PROBLEMS 


Assuming there is no underlying hardware issue, the general technique for 
troubleshooting boot problems is to determine the failure point, and therefore the 
missing or corrupt file. This can then be replaced, either from the source files or using 
some sort of recovery disk. 


BOOT PROCESS 


When a computer starts, the firmware runs a Power On Self Test (POST) to verify that 
the system components are present and functioning correctly. It then identifies a boot 
device and passes control to the operating system's boot loader process. 


With a legacy BIOS, the firmware scans the disk identified as the boot device and reads 
the Master Boot Record (MBR) in the first sector of the disk. The MBR identifies the 
boot sector or Volume Boot Record (VBR) for the partition marked as active. The VBR 
loads the boot manager, which for Windows is bootmgr.exe. The boot manager reads 
information from the Boot Configuration Data (BCD) file, which identifies operating 
systems installed on the computer. bootmgr and the BCD are normally installed to a 
hidden System Reserved partition. This partition can be formatted as either FAT32 or 
NTFS. 


Assuming there is only a single Windows installation, the boot manager loads the 
Windows boot loader winload.exe in the system root folder. 


Note: If there is more than one OS installation, the boot manager shows a boot menu 
allowing the user to select the installation to boot. 


winload then continues the Windows boot process by loading the kernel
(ntoskrnl.exe), the Hardware Abstraction Layer (hal.dll), and boot device drivers.
Control is then passed to the kernel, which initializes and starts loading the required
processes. When complete, the winlogon process waits for the user to authenticate.


With an EFI boot, the initial part of the boot process is different. Following POST, the 
firmware reads the GUID Partition Table (GPT) on the boot device. 


The GPT identifies the EFI System Partition, which is always formatted with FAT. The EFI
system partition contains the bootmgr.efi boot manager and the BCD. In point of fact,
Windows uses its own implementation of the boot manager called bootmgfw.efi
(bootmgr.efi is configured to time out quickly and bootmgfw.efi loads instead). Each
Windows installation has a subfolder under \EFI\Microsoft\ that contains a BCD and
bootmgfw.efi.


bootmgfw.efi reads the BCD to identify whether to show a boot menu and for the 
location of winload.efi. From this point, the Windows boot loader continues the boot 
process by loading the kernel, as described previously. 


FAILURE TO BOOT/INVALID BOOT DISK 

If the system firmware returns an error message such as No boot device found or 
Invalid boot disk, then the system has completely failed to boot. The most common 
cause of this error used to be leaving a floppy disk in the drive on a restart. A modern 
cause is for the system firmware to be set to use USB for boot. Check for any 
removable disks and change the boot device priority/boot order if necessary. If this 
message occurs when booting from a hard disk or SSD, check the connections to the 
drive. If the error is transitory (for example, if the message occurs a few times then the 
PC starts to boot OK), it could be a sign that the hard disk is failing. On an older system,
it could be that the system firmware is having trouble detecting the drive. 


NO OS FOUND 

An OS missing type message can appear when a disk drive is identified as the boot 
device but does not report the location of the OS loader. This could indicate a faulty 
disk, so try running disk diagnostics (if available) then use a recovery option to run 
chkdsk. 

If the disk cannot be detected, enter system setup and try modifying settings (or even 
resetting the default settings). If the disk's presence is reported by the system firmware 
but Windows still will not boot, use a startup repair tool to open a recovery mode 
command prompt and use the bootrec tool to try to repair the drive's boot
information.


1. Enter bootrec /fixmbr to attempt repair of the MBR.

2. Enter bootrec /fixboot to attempt repair of the boot sector.

3. Enter bootrec /rebuildbcd to add missing Windows installations to the
Boot Configuration Database (BCD).


You could also use diskpart to ensure that the system partition is marked as active 
and that no other partitions have been marked as active. 


GRAPHICAL INTERFACE FAILS TO LOAD/BLACK SCREEN 

If Windows appears to boot but does not display the logon dialog box or does not load 
the desktop following logon, the likely causes are malware infection or corruption of 
drivers or other system files. If the system will boot to a GUI in Safe Mode, then replace 
the graphics adapter driver. If the system will not boot to a GUI at all, then the 
Windows installation will probably have to be repaired or recovered from backup. It is 
also possible that the boot configuration has been changed through msconfig and 
just needs to be set back. 


Windows is also sporadically prone to black screen issues, where nothing appears on
the screen. This will often occur during update installs, where the best course of action
is to give the system time to complete the update. Look for signs of continuing disk
activity and spinning dots appearing on the screen. If the system does not recover
from a black screen, then try searching for any currently known issues on support and
troubleshooting sites
(support.microsoft.com/en-ph/help/14106/windows-10-troubleshoot-black-screen-problems).
You can use the key sequence Windows+Ctrl+Shift+B to test whether the system is
responsive. There should be a beep and the display may reinitialize.


If the problem occurs frequently, use sfc to verify system file integrity and check
video drivers. 


SLOW BOOT/SLOW PROFILE LOAD 


If Windows does boot, but only very slowly, you need to try to identify what is 
happening to slow the process down. You can enable verbose status messages during 
the Windows load sequence by configuring a system policy or applying a registry 
setting. In Windows 7, enable Verbose vs normal status messages or in Windows 
8/10, enable Display highly detailed status messages. 


Delays affecting the system prior to logon are caused by loading drivers and services. 
Quite often the culprit will be some type of network service or configuration not 
working optimally, but there could be some sort of file corruption, too. 


If the system is slow to load the desktop following logon, the issue could be a corrupt 
user profile. The registry settings file ntuser.dat is particularly prone to this. 
Rebuilding a local user profile means creating a new account and then copying files 
from the old, corrupt profile to the new one, but excluding the following files: 

* Ntuser.dat

* Ntuser.dat.log

* Ntuser.ini
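
The copy step of a profile rebuild can be scripted with robocopy, which is included with Windows. This is an added example, not part of the course material; the function name, log file name and the paths in the usage comment are hypothetical. It assumes you run it from a separate administrator account while the old user is signed out, and that the new account has signed in once so its profile folder exists.

```powershell
# Added example: copy user data from a corrupt profile to a new one while
# leaving out the registry hive files (Ntuser.dat, its logs, and Ntuser.ini).

function Copy-ProfileData {
    param(
        [Parameter(Mandatory)][string]$OldProfile,
        [Parameter(Mandatory)][string]$NewProfile,
        [string]$LogFile = (Join-Path $env:TEMP 'profile-copy.log'),
        [switch]$ListOnly   # preview: report what would be copied, copy nothing
    )

    # A trailing backslash before the closing quote breaks robocopy's argument parsing.
    $source = $OldProfile.TrimEnd('\')
    $dest   = $NewProfile.TrimEnd('\')

    if (-not (Test-Path -LiteralPath $source -PathType Container)) {
        throw "Source profile folder not found: $source"
    }
    if (-not (Test-Path -LiteralPath $dest -PathType Container)) {
        throw "Destination profile folder not found (sign in once as the new user): $dest"
    }

    $roboArgs = @(
        $source, $dest,
        '/E',                                 # include subfolders, even empty ones
        '/XF', 'ntuser.dat*', 'ntuser.ini',   # skip the hive, its log files, and the ini
        '/XJ',                                # skip junctions such as "Application Data"
        '/COPY:DAT',                          # data, attributes, timestamps; ACLs are inherited
        '/R:1', '/W:1',                       # one retry, one second wait on locked files
        '/NP', "/LOG:$LogFile"
    )
    if ($ListOnly) { $roboArgs += '/L' }

    & robocopy.exe @roboArgs | Out-Null
    $code = $LASTEXITCODE

    # robocopy exit codes are bit flags; 8 or higher means at least one failure.
    [pscustomobject]@{
        ExitCode    = $code
        Succeeded   = ($code -lt 8)
        FilesCopied = [bool]($code -band 1)
        CopyErrors  = [bool]($code -band 8)
        FatalError  = [bool]($code -band 16)
        LogFile     = $LogFile
    }
}

# Usage (constructed paths): preview first, then run again without -ListOnly.
# Copy-ProfileData -OldProfile 'C:\Users\OldUser' -NewProfile 'C:\Users\NewUser' -ListOnly
```

Review the log from the -ListOnly run before copying for real; a corrupt profile can also contain damaged application data that you may prefer to leave behind.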


SAFE BOOT 


Safe Mode loads only basic drivers and services required to start the system. This is a
useful troubleshooting mode as it isolates reliability or performance problems to
add-in drivers or application services and rules out having to fully reinstall Windows.
It may also be a means of running analysis and recovery tools, such as chkdsk, System
Restore, or antivirus utilities.


Safe Mode defaults to SVGA resolution (800x600). Higher resolutions may be available 
if the basic driver supports them. 


You can boot to Safe Mode using the System Configuration utility, but this option is 
only useful if you can sign in to Windows anyway. If you cannot sign in, there are 
different startup repair options for Windows 7 and Windows 8/10. 


WINDOWS 7 ADVANCED BOOT OPTIONS 

In Windows 7, the Advanced Boot Options menu allows the selection of different 
startup modes for troubleshooting. To show the menu, press F8 during startup—after 
the memory count; try tapping repeatedly if the menu doesn't get displayed. 

Advanced Boot Options 

Choose Advanced Options for: Windows 7 
(Use the arrow keys to highlight your choice.) 

    Repair Your Computer 

    Safe Mode 
    Safe Mode with Networking 
    Safe Mode with Command Prompt 

    Enable Boot Logging 
    Enable low-resolution video (640x480) 
    Last Known Good Configuration (advanced) 
    Directory Services Restore Mode 
    Debugging Mode 
    Disable automatic restart on system failure 
    Disable Driver Signature Enforcement 

    Start Windows Normally 

Description: View a list of system recovery tools you can use to repair 
startup problems, run diagnostics, or restore your system. 

ENTER=Choose    ESC=Cancel 


Advanced Boot Options in Windows 7. (Screenshot used with permission from Microsoft.) 


Apart from Safe Mode, some of the other options include: 

* Safe Mode with Networking—includes drivers and services required to access the 
  network. 
* Safe Mode with Command Prompt—runs the command shell rather than Explorer. 
* Last Known Good—boots with the last registry configuration that was used to log 
  on successfully. 


WINDOWS 8/10 STARTUP SETTINGS 

In Windows 8 and Windows 10, the boot process happens too quickly to use F8. You 
can hold the Shift key when selecting the Restart option from the Power menu to 
display troubleshooting options—note that you don't have to sign in to view the power 
menu. 


Windows 10 Startup options. (Screenshot used with permission from Microsoft.) 


From the first Choose an option screen, select Troubleshoot. From the next screen, 
select Advanced options. Select Startup Settings, then on the next screen, select 
Restart. 


Startup Settings 

Press a number to choose from the options below: 

Use number keys or functions keys F1-F9. 

1) Enable debugging 
2) Enable boot logging 
3) Enable low-resolution video 
4) Enable Safe Mode 
5) Enable Safe Mode with Networking 
6) Enable Safe Mode with Command Prompt 
7) Disable driver signature enforcement 
8) Disable early launch anti-malware protection 
9) Disable automatic restart after failure 

Press F10 for more options 
Press Enter to return to your operating system 


Windows 10 Startup Settings. (Screenshot used with permission from Microsoft.) 


Press F4 to select Safe Mode, or choose another option as necessary. 

WinRE AND STARTUP REPAIR 


If you cannot boot the computer from the local installation, you can try booting from 
the product media, a repair disk, or a recovery partition. You may have to access BIOS 
or UEFI setup to configure the boot device to the recovery media. 


If you don't have the product media, you can make a system repair disk from Windows 
using the recdisc tool. Obviously, you need to have done this before the computer 
starts failing to boot; otherwise, create one using a working Windows installation. 


Once in the recovery environment, if the boot files are damaged, you can use the 
Startup Repair option to try to fix them. You can also launch System Restore or 
restore from an image backup from here. The last two options are to run a memory 
diagnostic and to drop into the Recovery Environment command prompt, where you 
could run startup recovery commands such as diskpart, sfc, chkdsk, bootrec, 
bcdedit, or regedit manually. 




Windows 7 System Recovery Options. (Screenshot used with permission from Microsoft.) 


Note: The Recovery Environment is an extended version of the Preinstallation 
Environment (PE) used to set up Windows in the first place. 


In Windows 8/10, as well as recdisc, you can use the Recovery Media Creator to 
create a USB-based repair disk and optionally include any recovery partition from the 
local disk. Boot using the recovery media, then from the first Choose an option 
screen, select Troubleshoot. From the next screen, select Advanced options. 


Advanced options let you run system restore, reinstall from a system image backup, 
run the automated startup repair tool, or drop to a command prompt. On a 
UEFI-based install, there is also an option to reboot to the system firmware setup 
program. In Windows 10, you may also be able to use See more recovery options to 
revert to a previous build, following a feature update. 


Lesson 12: Maintaining and Troubleshooting Microsoft Windows | Topic C 


The Official CompTIA® A+® Core 1 and Core 2 Student Guide (Exams 220-1001 and 220-1002) | 745 




Windows 10 Startup Troubleshooting—Advanced options. (Screenshot used with permission from 
Microsoft.) 


SYSTEM RESTORE 


System Restore allows you to roll back system configuration changes. It maintains 
multiple restore points (some are created automatically) and can roll back changes 
to the whole registry and reverse program installations and updates. 


Note: System Restore does not restore (or delete) user data files. Files stored in users' 
Documents folders will be preserved. Also, the contents of settings folders such as 
Recent and Favorite links and Temporary Internet Files will not be rolled back. 


CONFIGURING SYSTEM PROTECTION 


The System Protection tab (opened via the System Properties applet) lets you select 
which disk(s) to enable for system restore and configure how much disk capacity is 
used. The disk must be formatted with NTFS, have a minimum of 300 MB free space, 
and be over 1 GB in size. 


Restore points are created automatically in response to application and update 
installs. They are also created periodically by the Scheduled Tasks applet. Windows 
will try to create one when it detects the PC is idle if no other restore points have been 
created in the last 7 days. You can also create a restore point manually from this dialog 
box. 
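
The same configuration done from Windows PowerShell 5.1, as an added example (not part of the course text): it checks the disk prerequisites listed above, turns on protection, caps the disk space used, creates a restore point, and confirms that a new one actually exists. The function name and the 10% cap are assumptions made for the illustration.

```powershell
#Requires -RunAsAdministrator
# Added example, not from the course text. Windows PowerShell 5.1 only: the
# restore point cmdlets used here are not available in PowerShell 7.

function New-VerifiedRestorePoint {
    [CmdletBinding()]
    param(
        [string] $Drive = 'C:',
        [string] $Description = 'Initial restore point',
        [string] $MaxSize = '10%'          # assumed cap on restore point storage
    )

    # Prerequisites from the text: NTFS, over 1 GB in size, at least 300 MB free.
    $disk = Get-CimInstance -ClassName Win32_LogicalDisk -Filter "DeviceID='$Drive'"
    if (-not $disk)                  { throw "Drive $Drive not found." }
    if ($disk.FileSystem -ne 'NTFS') { throw "$Drive is $($disk.FileSystem), not NTFS." }
    if ($disk.Size -le 1GB)          { throw "$Drive is not over 1 GB in size." }
    if ($disk.FreeSpace -lt 300MB)   { throw "$Drive has less than 300 MB free." }

    # Equivalent of "Turn on system protection" on the System Protection tab.
    Enable-ComputerRestore -Drive "$Drive\"

    # Equivalent of the Max Usage slider. Older restore points are deleted
    # once this limit is reached.
    & vssadmin.exe Resize ShadowStorage "/For=$Drive" "/On=$Drive" "/MaxSize=$MaxSize" |
        Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "vssadmin could not set the storage limit (exit $LASTEXITCODE)."
    }

    # Remember the newest existing restore point so the new one can be verified.
    $before  = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue)
    $lastSeq = if ($before.Count -gt 0) {
        ($before | Measure-Object -Property SequenceNumber -Maximum).Maximum
    } else { 0 }

    Checkpoint-Computer -Description $Description -RestorePointType MODIFY_SETTINGS

    # Checkpoint-Computer only warns when Windows skips the request, which it
    # does on Windows 8 and later if a restore point was already made in the
    # last 24 hours (see SystemRestorePointCreationFrequency). Verify instead
    # of trusting the call.
    $new = @(Get-ComputerRestorePoint -ErrorAction SilentlyContinue |
        Where-Object { $_.SequenceNumber -gt $lastSeq })
    if ($new.Count -eq 0) {
        throw 'No new restore point was created; check the warning output above.'
    }

    $new | Select-Object SequenceNumber, Description,
        @{ Name = 'Created'; Expression = { $_.ConvertToDateTime($_.CreationTime) } }
}

# New-VerifiedRestorePoint -Description 'Before driver update'
```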




Configuring System Protection in Windows 10. (Screenshot used with permission from Microsoft.) 


USING SYSTEM RESTORE 


To restore the system, open the System Restore tool (rstrui), or run it by booting 
from the product disk or by selecting Repair Your Computer from the Advanced Boot 
Options menu (Windows 7) or the Startup Recovery tools in Windows 8/10. 




Using System Restore to apply a previous system configuration. (Screenshot used with permission from 
Microsoft.) 

Note: System Restore does not usually reset passwords (that is, passwords will remain 
as they were before you ran the restore tool), but System Restore does reset passwords 
to what they were at the time the restore point was created if you run it from the product 
disk. This can be used to recover from a forgotten administrator password (refer to 
https://support.microsoft.com/en-us/help/940765/how-to-use-system-restore-to-log-on-to-windows-7-or-windows-vista-when 
for more details). 


ROLL BACK UPDATES 

If an update causes problems, you can try to uninstall it. You might be able to use 
System Restore to do this. Otherwise, open the Programs and Features applet and 
click View installed updates. Select the update then click the Uninstall button. 




Using Programs and Features to uninstall an update. (Screenshot used with permission from 
Microsoft.) 


ROLL BACK DEVICE DRIVERS 


If you are experiencing problems with a device and you have recently updated the 
driver, Windows also provides a Roll Back Driver feature. A new driver may not work 
properly because it has not been fully tested or it may not work on your particular 
system. Driver roll back can recover a system speedily and easily where this has 
occurred. You can use Device Manager to revert to the previous driver. Right-click the 
device and select Properties. Click the Driver tab then click the Roll Back Driver 
button. 

Using driver rollback via Device Manager. (Screenshot used with permission from Microsoft.) 


SYSTEM REPAIR AND REINSTALL 


If System Restore or Startup Repair do not work and you cannot boot to a logon, try 
to boot in Safe Mode. If this works, you should then be able to pinpoint the problem to 
a particular driver or service. Safe Mode loads Windows with a minimal set of drivers 
and services, so if this works it tells you that something is going wrong later on in the 
OS load. If the computer will not boot at all, you will have to resort to a system repair 
tool or possibly a reinstall option and restore from data backup (presuming you have 
made one). The various versions of Windows use different system recovery tools and 
backup processes. 


CREATING AND USING A RECOVERY IMAGE 

You can make a complete backup of the system configuration and data files. This is 
called an image. This method is simple, but you do need a backup device with large 
capacity. The best option is usually a removable hard drive. The best compression ratio 
you can hope for is 2:1—so a 20 GB system will create a 10 GB image—but if the 
system contains a lot of files that are already heavily compressed, the ratio could be a 
lot lower. You do have to keep the image up-to-date or make a separate data backup. 


You create a system image using the Backup and Restore applet in Control Panel. 
Click the Create a system image link in the tasks pane. Select a backup device and 
give the image a suitable name. 


To recover the system using the backup image, use the Advanced Boot Options menu or 
the System Image Recovery option from a repair disk or recovery environment. 


REINSTALLING WINDOWS 


If you do not have an up-to-date image, the last option is to reinstall Windows. You can 
try reinstalling Windows 7 over the top of an existing installation. This will preserve the 
previous data in a Windows.old folder and might allow you to recover data files, if you 
do not have a data backup. You will need to reinstall software applications and 
reconfigure user accounts and settings. 


In Windows 8 and Windows 10, there is a reset option to try to repair the installation. 
This recopies the system files and reverts all PC settings to the default, but can 
preserve user personalization settings, data files, and apps installed via Windows 
Store. Desktop applications are removed. 


Restart to the recovery environment (or use a repair disk). From the first Choose an 
option screen, select Troubleshoot. Select Reset this PC. 




Windows 10 startup recovery. (Screenshot used with permission from Microsoft.) 




Reset this PC options. (Screenshot used with permission from Microsoft.) 


Select Keep my files or Remove everything as appropriate. The computer will restart 
and you will be prompted to sign on using an administrator account to authorize the 
reinstallation. Select Reset to continue (or Cancel if you have changed your mind). 


If you choose to remove everything, there is a further option to securely delete 
information from the drive. This will take several hours but is recommended if you are 
giving up ownership of the PC. 


Choosing whether to securely erase the drive. (Screenshot used with permission from Microsoft.) 


GUIDELINES FOR TROUBLESHOOTING WINDOWS ISSUES 

Note: All of the Guidelines for this lesson are available as checklists from the Checklist 
tile on the CHOICE Course screen. 


Consider the following guidelines when troubleshooting issues on a Windows machine. 


TROUBLESHOOT WINDOWS ISSUES 

Follow these guidelines for troubleshooting Windows issues: 

* Examine log files and Event Viewer to get information about what has happened 
  on the system. 
* Use the System Configuration Utility to modify system settings and files that 
  affect the way the computer boots and loads Windows. 
* Use Task Manager to attempt to locate a reason for slow system performance. 
* Use Event Viewer to attempt to determine why a service fails to start. 
* If an application crashes: 
    * Try to preserve any data that was being processed. 
    * See if the process will become responsive again or if you need to kill the process. 
    * Attempt to recover data from temporary files or folders if the process was killed. 
    * Examine Event Viewer logs. 
    * If the application repeatedly crashes, uninstall then reinstall the application, or if 
      available, use the Repair option in Programs and Features. 
* If there are printing issues, determine whether the issue is with the printer 
  hardware or network connectivity. If it isn't those issues, examine Windows settings 
  and check the following: 
    1. Use the printer's property dialog box to try printing a test page. If this is 
       successful, there must be an application or file-specific problem. 
    2. Open the print queue and check for stalled print jobs. 
    3. Restart the print spooler service. 
    4. Check for any driver updates or known issues. 
    5. Check permissions configured on the printer. 
    6. Check for disk problems on the partition hosting the spool folder. 
* If the user experiences frequent BSoDs: 
    * Use System Restore, or (if you can boot to Safe Mode), Roll Back Driver to 
      restore the system to a working state. 
    * Remove a recently added hardware device or uninstall a recently installed 
      program. 
    * Check seating of hardware components and cables. 
    * Run hardware diagnostics, chkdsk, and scan for malware. 
    * Make a note of the stop error code (which will be in the form: Stop: 0x0...) and 
      search the Microsoft Knowledge Base (Support.microsoft.com/search) for 
      known fixes and troubleshooting tips. The various newsgroups accessible from 
      this site offer another valuable source of assistance. 
* If the user experiences file or memory corruption: 
    * Use sfc to verify system files and restore them from cache if corrupt or 
      damaged. 
    * Use the Windows Memory Diagnostics tool to test memory chips for errors. 
* If the user is experiencing boot problems, determine the failure point, and 
  therefore the missing or corrupt file. This can then be replaced, either from the 
  source files or using some sort of recovery disk. 
    * Try booting into Safe Mode to troubleshoot by loading only minimal required 
      components. 
    * If you cannot boot the computer from the local installation, you can try booting 
      from the product media, a repair disk, or a recovery partition. You may have to 
      access BIOS or UEFI setup to configure the boot device to the recovery media. 
* Use System Restore to roll back system configuration changes. 
* Roll back updates that are causing issues by uninstalling them. 
    1. Open Programs and Features. 
    2. Select View installed updates. 
    3. Select the update that is causing the problem, then select the Uninstall 
       button. 
* Roll back troublesome device drivers: 
    1. Open Device Manager. 
    2. Right-click the device having the problem and select Properties. 
    3. Select the Driver tab. 
    4. Select the Roll Back Driver button. 
* If all else fails, determine whether you need to perform a system restore or reinstall 
  Windows. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 

Activity 12-4 


Discussing Windows Troubleshooting 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What is the full path to the Windows system log? 

2. What are the tab headings in msconfig, and which tab is not in the 
   Windows 8/10 version? 

3. What device optimization settings could you check to mitigate slow 
   performance problems? 

4. A user calls saying that her screen occasionally goes blue and the system shuts 
   down. 

   What should you advise her to do? 

5. A program is continually using 99-100% of processor time. 

   What should you do? 

6. Where would you start to investigate a "Service failed to start" error? 

7. Which troubleshooting tool is most likely to identify whether a problem is 
   related to a device driver or to a faulty system component? 

8. You are assisting a user whose application is in the state shown in the exhibit. 

   How would you troubleshoot this problem? 

   [Exhibit: title bar reading "Document1 - Word (Not Responding)"] 

9. A system is experiencing intermittent boot errors. The issue can be fixed 
   temporarily by repairing the boot files. 

   What should you do to fix the problem in the longer term? 

10. A computer is caught in a reboot loop. It starts, shows a BSoD, then reboots. 

    What should you do? 

11. If you suspect improper handling during installation has caused damage to a 
    RAM module, how could you test that suspicion? 




Activity 12-5 


Using Windows Troubleshooting Tools 


BEFORE YOU BEGIN 


Complete this activity by using Hyper-V Manager and the PC1 (Windows 10) and PC2 
(Windows 7) VMs. You need to adjust some of the VM settings to facilitate some of the 
troubleshooting actions you will perform in the activity. 

1. In Hyper-V Manager, right-click the PC2 VM and select Settings. 

2. Select the BIOS node, then in the Startup order box, select IDE and select the 
Move Up button. This prevents the option to boot from the product disc 
(interfering with selecting the Advanced Boot Options menu). 

3. Select OK. 


SCENARIO 


In this lab, you will use some of the startup troubleshooting modes for Windows 7 and 
Windows 10. 


1. On PC2, run the C:\LABFILES\crash.ps1 script to simulate a BSoD stop error. 
a) Start the PC2 VM and sign on using the account Admin and password Pa$$w0rd. 
b) Press the Windows key and type powershell. 
c) Right-click the Windows PowerShell link and select Run as administrator. 
d) At the UAC prompt, select Yes. 
e) Type C:\LABFILES\crash and press Enter. 
The system will go to a bluescreen and start a memory dump. 




BSoD. (Screenshot used with permission from Microsoft.) 

f) Once this is complete, the system will reboot to Windows Error Recovery. 


Windows Error Recovery 

Windows did not shut down successfully. If this was due to the system not 
responding, or if the system was shut down to protect data, you might be 
able to recover by choosing one of the Safe Mode configurations from the 
menu below: 

(Use the arrow keys to highlight your choice.) 

    Safe Mode 
    Safe Mode with Networking 
    Safe Mode with Command Prompt 

    Start Windows Normally 

Seconds until the highlighted choice will be selected automatically: 24 
Description: Start Windows with its regular settings. 

ENTER=Choose 


Windows Error Recovery. (Screenshot used with permission from Microsoft.) 

Use the arrow keys to select Safe Mode. Press Enter. 
Notice that the device driver names are listed as the computer starts up. 
Sign in as Admin. 


Windows Help and Support opens. This explains what Safe Mode is. Also, you can see 
Safe Mode in the corners of the computer's display. 


Windows 7 Safe Mode. (Screenshot used with permission from Microsoft.) 




2. Use Event Viewer to examine logs related to the crash event and using Safe 
Mode. 

a) When you sign back in, the message Windows has recovered from an unexpected 
shutdown is displayed. Select View problem details. 
This shows the location of the memory dump. Analyzing the information in system 
memory at the time of a crash can help a developer identify the cause of the problem. 
If there were an actual problem with an application or driver, you would send the 
dump file to the developer for analysis. 
b) Select the Cancel button. 
c) Open Computer Management, expand the Event Viewer folder, expand Windows 
Logs, and then select the System log. 
Note that there are numerous service failure events. These are generated because 
the system is running in Safe Mode. 
d) Open a couple of items to view the descriptions of the events. 
e) In the Actions pane, select Filter Current Log. 
f) In the Filter Current Log dialog box, check the Critical and Warning boxes and then 
select OK. 
g) Examine the critical kernel power event. 
h) Open the Application log. Filter for any Warning or Error messages. Are there any 
serious problems? 
Most of the errors and warnings you see will relate to not being able to contact 
domain services or use the Internet to obtain updates. The WMI errors are of no 
concern. 
i) Close the Computer Management console. 
j) Select Start, select the arrow on the Shut down button, and then select Restart. 
Windows restarts normally. 
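
The Event Viewer filters from this step, written as PowerShell queries (an added example, not part of the lab files). The function name, the seven-day window, and the choice of the Kernel-Power 41 and BugCheck 1001 records as the crash evidence to pull out are assumptions made for the illustration.

```powershell
# Added example, not from the course text. Run in an elevated session so that
# all log records are readable.

function Get-CrashTriage {
    [CmdletBinding()]
    param([int] $Days = 7)      # assumed look-back window

    $since = (Get-Date).AddDays(-$Days)
    $quiet = @{ ErrorAction = 'SilentlyContinue' }   # "no events found" is not fatal

    # Steps e) to g): System log filtered to Critical (1) and Warning (3).
    $system = @(Get-WinEvent @quiet -FilterHashtable @{
        LogName = 'System'; Level = 1, 3; StartTime = $since })

    # Step h): Application log filtered to Error (2) and Warning (3).
    $application = @(Get-WinEvent @quiet -FilterHashtable @{
        LogName = 'Application'; Level = 2, 3; StartTime = $since })

    # The records that document the crash itself: Kernel-Power 41 (the system
    # restarted without a clean shutdown) and BugCheck 1001 (stop code and
    # dump file path).
    $crash = @(Get-WinEvent @quiet -FilterHashtable @{
        LogName      = 'System'
        StartTime    = $since
        ProviderName = 'Microsoft-Windows-Kernel-Power',
                       'Microsoft-Windows-WER-SystemErrorReporting'
        Id           = 41, 1001 })

    # Step c): service failures, which are expected noise after a Safe Mode boot.
    $services = @(Get-WinEvent @quiet -FilterHashtable @{
        LogName = 'System'; ProviderName = 'Service Control Manager'
        Level = 2; StartTime = $since })

    # Collapse a log into "how many of which event" so repeats stand out.
    $summarize = {
        param($events)
        $events | Group-Object -Property ProviderName, Id, LevelDisplayName |
            Sort-Object -Property Count -Descending |
            Select-Object -Property Count, Name -First 10
    }

    # Where "View problem details" gets the memory dump location from.
    $cc = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'

    [pscustomobject]@{
        Since            = $since
        SystemTop        = & $summarize $system
        ApplicationTop   = & $summarize $application
        CrashEvents      = $crash | Select-Object TimeCreated, ProviderName, Id, Message
        ServiceFailures  = $services.Count
        DumpFile         = $cc.DumpFile
        MinidumpDir      = $cc.MinidumpDir
        CrashDumpEnabled = $cc.CrashDumpEnabled
    }
}

# $t = Get-CrashTriage -Days 2
# $t.CrashEvents | Format-List
# $t.SystemTop   | Format-Table -AutoSize
```

Treat the dump file as sensitive before sending it anywhere for analysis: it is a copy of system memory at the time of the crash.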


3. Last Known Good resets the computer to the configuration that was last used 
successfully to log on. It can be a simple way of recovering the system if 
installation of a driver causes startup problems. Disable a device such as the 
network adapter, and then use the LKG boot option to revert the change. 

a) In the Virtual Machine Connect window, from the View menu, select Full Screen 
Mode. 
You need to use this mode for the VM to recognize keyboard input during the boot 
sequence. 
b) Sign back into Windows. Open Computer Management and select the Device 
Manager snap-in. 
c) Locate a device such as the network adapter that has a Disable option when you 
right-click it. 
d) Right-click the device and select Disable. Select Yes to confirm. 
e) Select Start—Shut Down—Restart. 
f) When the screen turns black, start pressing F8 to display the Advanced Boot Options 
menu. 

Note: If you miss it, wait for Windows to boot, press Ctrl+Alt+End, and then 
use the power icon on the logon screen to restart the VM and try again—do 
not try to log on! 

g) Use the arrow keys to select Last Known Good Configuration (advanced). Press 
Enter. 
Windows starts normally, but the configuration control set which was last used to sign 
in successfully is used to start up Windows. Note that using Last Known Good for 
recovery is only ever successful when, following a device driver system change, you 
do NOT log on. The logon process overwrites the Last Known Good configuration. 
h) Log on as Admin. When the desktop has been initialized, check Device Manager and 
verify that the device is no longer disabled. 
i) You can now use the Restore icon to exit full screen mode if you wish. 

4. Both Windows 7 and Windows 10 support the System Restore recovery tool, and 
on both platforms, it works in a similar way. For the last part of this activity, you 
will use Windows 10. In this step, enable system protection and create a restore 
point on PC1. 

a) Start PC1 and sign on to the Admin account with the Pa$$w0rd credential. 
b) Click in the search box and type restore. Select the Create a restore point link. 
c) In System Properties, select the Configure button. 
d) Under Restore Settings, select Turn on system protection. 
e) Under Disk Space Usage, move the slider bar to the right about a quarter of the way 
along the Max Usage gauge and then select OK. 
f) In the System Properties dialog box, select the Create button. 
g) In the System Protection dialog box, type Initial restore point, and then select 
Create. 
h) When the confirmation prompt is displayed, select Close, and then select OK to close 
the System Properties dialog box. 


5. Make some configuration changes, such as enabling some Windows Features and 
changing the account password. 

a) In the Instant Search box, type windows features, and select the Turn Windows 
features on or off link from the search results. 
b) In the Windows Features dialog box, select the Internet Information Services and 
Telnet Client boxes. Select OK. 
c) When the feature installation process has completed, if prompted, select Don't 
restart. 
d) Optionally, use Apps & features to uninstall one of the applications, such as 
Microsoft Baseline Security Analyzer. 
e) Press Ctrl+Alt+End then click Change a password. 
f) Type the old password (Pa$$w0rd) and a new password of Trojan07 then press Enter. 
Select OK. 
g) Sign out of the VM. 


6. Now, imagine that the changes you just made were in fact made by a malicious 
Trojan, which has now locked you out of your machine. How useful will System 
Restore be in removing the "Trojan" Windows Features, recovering your 
password, and recovering your programs? First, try restarting to the Recovery 
Environment. 

a) At the accounts screen, confirm that you cannot sign in with the password Pa$$w0rd. 
b) Select the power icon, then hold down the Shift key and select Restart. 
c) When the recovery environment is opened at restart, on the Choose an option page, 
select Troubleshoot. 




Windows 10 Recovery Environment. (Screenshot used with permission from Microsoft.) 

d) Select Advanced options and then select System Restore. 
e) Select the option for the Admin account and try to sign on with the password 
Pa$$w0rd. 
This will not work as the "Trojan" changed the account password. 


Try booting from the product disc to use System Restore. 

a) If necessary, in the Virtual Machine Connect window for PC1, select Media—DVD 
Drive— Insert Disk. 

b) If necessary, browse and select the file C:\COMPTIA-LABS\win10.iso (or use the file 
suggested by your instructor). Select Open. 

c) From the menu bar, select File—Settings. 


d) Select the Firmware node. In the Boot order box, select DVD Drive and then select 
Move Up. Select OK. 


e) In the Virtual Machine Connect window, select Action—Turn Off.


f) In the Turn Off Machine dialog box, select Turn Off. If prompted, confirm by
selecting Turn Off.


g) In the Virtual Machine Connect window for PC1, select Start.
h) When prompted to boot from the DVD, press Enter.

Windows starts from the product disc image. 
i) Select Next. 


Windows 10 Setup. (Screenshot used with permission from Microsoft.)
j) Select Repair your computer. 


k) When the recovery environment is opened, from the Choose an option page, select 
Troubleshoot. 


l) Select System Restore.
m) Under Choose a target operating system, select Windows 10.
n) In the System Restore wizard, select Next.


Using Windows 10 System Restore. (Screenshot used with permission from Microsoft.)
o) Select the Initial restore point row and then select Next. 
p) Select Finish, and then select Yes. 


q) When the restore operation is complete, select Restart. Do not boot from the disc 
this time. 


r) When Windows restarts, log on as Admin. Which password do you need to use?
The password should be Pa$$w0rd.
s) At the System Restore prompt, select Close. 


t) Open the Windows Features dialog box, and verify that the Internet Information
Services and Telnet Client features are not installed. 


u) Optionally, open Apps & features to verify that the application is still present. 


8. At the end of each activity, you need to close the VMs. You will always discard any 
changes you made. 
a) From the connection window, select Action—Revert. 
b) If you are prompted to confirm, select the Revert button.
c) Repeat to revert the PC2 VM.


Summary


In this lesson, you maintained and performed troubleshooting on Windows PCs. In 
your role as an A+ technician, you will be advising and supporting users in a number of 
areas surrounding computing devices, so using the guidelines and procedures 
provided in this lesson will enable you to provide the required level of support to 
users. 


Which Windows performance management tools would you expect to use most 
in your workplace? 


Have you ever recovered a severely compromised Windows system? If so, then 
describe your experience. 


Practice Question: Additional practice questions are available on the CompTIA CHOICE
platform within the Assessments tile.


Lesson 13


Installing, Configuring, and Maintaining 
Operating Systems 


LESSON INTRODUCTION 


So far in this course, you worked with the Microsoft® Windows® operating system. As you know, a 
CompTIA® A+® technician will probably also be responsible for setting up, maintaining, and
troubleshooting computers and devices that have other operating systems installed. Familiarity 
with other desktop operating systems, such as Linux® and macOS®, will enable you to support 
more of your user base. 


Since so many computers today come with operating system software installed by the vendor, an 
ordinary user might never need to install an operating system. As an IT professional, however, you 
might be called upon to install operating systems for a variety of reasons: if the original installation 
does not meet a user's needs; if the system needs to be upgraded; if you are redeploying a system 
from one user to another; or even if you need to complete a brand new build and construct a 
computer entirely from scratch. In all of these cases, you will need to be able to install, configure, 
and maintain the computer's operating system. 


LESSON OBJECTIVES 


In this lesson, you will: 

* Configure and use Linux. 

* Configure and use macOS. 

* Install and upgrade operating systems. 


* Perform OS maintenance tasks.


Topic A


Configure and Use Linux 


EXAM OBJECTIVES COVERED 
1002-1.3 Summarize general OS installation considerations and upgrade methods.


1002-1.9 Given a scenario, use features and tools of the Mac OS and Linux client/desktop 
operating systems. 


The various operating systems you might encounter use different tools, but the 
functionality of those tools is common across all types of systems. You will need to 
configure disks and file systems, user accounts, and software applications. 


Many individuals and organizations have adopted Linux as a desktop and server OS 
because of its high security, low cost, and ease of licensing. In this topic, you will 
examine the basics of Linux so that you can begin to understand and appreciate its 
benefits. 


THE LINUX OPERATING SYSTEM 


Like all operating systems, Linux enables the most basic common system operations, 
such as file management, user account management, and so forth. It provides a means 
for users to interact with their computer's hardware and software. 


DISTRIBUTIONS 


The core of Linux is called the kernel and this is the same on all versions or 
distributions (distros). The kernel is the software component that provides the core 
set of operating system functions. These include features for managing system 
hardware and for communicating between software and hardware. A Linux 
distribution is a complete Linux implementation, including kernel, shell, applications, 
utilities, and installation media, that is packaged, distributed, and supported by a 
software vendor. Common distributions include: 


* Red Hat/CentOS—the most commercially successful distribution. Also, the CentOS 
distribution is a stable, predictable, manageable, and reproducible platform derived 
from the sources of Red Hat® Enterprise Linux® (RHEL). CentOS is maintained by The 
CentOS Project, a community-driven free software effort that is modeled on the 
structure of the Apache® Foundation and has its own governing board. CentOS 
benefits from Red Hat's ongoing contributions and investment. 

* SUSE®—originally developed in Germany, the company was bought out by US 
networking company Novell. 

* Debian/Ubuntu®—one of the many volunteer-driven distributions. Ubuntu is one
of the most widely used versions of Debian.

* Knoppix—another popular Debian derivative. 

These are some of the more popular distributions for PCs. There are a huge number of
flavors, many of which have been developed for specialist applications such as running
routers, set-top boxes, smart TVs, Internet of Things (IoT) devices, and so on. The
smartphone OS, Android™, is based on Linux.


LINUX DESKTOP OPTIONS 


Linux was originally developed with a Command-Line Interface (CLI) or shell very
much like UNIX.
Today many users of Linux still use the bash shell and server-based editions will often
only have the command-line environment installed. For this reason, it is important that
support technicians are comfortable with using Linux shell commands. Many system
tasks still require the use of the command line even if a GUI environment is running.
Within a GUI, you can open a terminal window to run shell commands.


Note: There are other CLI shells, including Bourne (sh), C Shell (csh), and Korn (ksh).


For ease of use, many distributions aimed at end user PCs have a graphical shell 
loaded. Some popular GUI shells include: 


* Gnome (GNU Object Model Environment)—the oldest and most widely deployed 
GUI. Used by default on Fedora® and Debian. 


Note: GNU is a recursive acronym standing for "GNU is Not UNIX." Many of the
non-kernel bits of software developed under the open source GNU license to replace
their proprietary UNIX equivalents can be used with Linux.


* KDE (K Desktop Environment)—a very popular GUI often used by SUSE.

* Cinnamon—based on the MINT GUI. 

* Xfce—one of the many lightweight GUIs, designed for systems with less RAM and 
CPU power. 


A typical Linux GUI desktop looks like the image in the following figure. 


Linux GUI desktop.


It is worth noting that although the desktop can vary from distro to distro, most will 
have a common theme, with a start menu, taskbar, system tray, and so on, in a similar 
fashion to Windows and macOS. It should also be noted that unlike Windows and Mac, 
the default GUI shell can be swapped for a different one. Many GUIs, including Gnome,
will support features like virtual desktop (Mission Control on macOS).

Many distros will come with a range of open source applications pre-installed such as
Firefox® Browser and office applications such as Libre. 


One thing that does vary from one distro to another is system tools. SUSE, for 
example, comes with a tool called YaST which provides a Control Panel style utility for 
Linux. Other similar tools are webmin and Yumix. However, it should be noted that all 
these tools simply update the standard Linux configuration files stored in the /etc
folder.


YaST Control Center.


LINUX COMMANDS 


Linux commands are entered in a standard format, featuring the command followed
by a space then a number of options (or switches) and/or arguments, depending on
the function of the command. Wildcards (* and ?) can be used in the same way as at
the Windows command line.


* The first "word" input is interpreted as the command. This could be a full or relative
path to the executable or just the name of an executable stored in a directory
identified by a PATH environment variable. The command "word" is completed by
the first space character.

* Options (or switches) are used to change the operation of a command. They can
be single letters (preceded by a single hyphen) or words (preceded by a double
hyphen). The order the options are placed on the command is not important.

* Arguments are values supplied to the command for it to operate on, such as file
names. Arguments should be supplied in the correct order for the command's
syntax.


You can send or redirect the results of one command to another command. Pipes are
used to combine Linux tools on a single command line, enabling you to use the output
of one command as the input to another. The pipe symbol is a vertical bar (|), which
you type between two commands.


You can issue more than one command before pressing Enter. Place a semicolon (;)
between the commands and they will be issued one after the other.


CASE SENSITIVITY 


Commands, parameters, and file and directory names are all case sensitive in Linux.
For example, ls -l file.data and ls -L File.data would produce completely
different results. Using capitals in the command name would generate an error
message.


GETTING HELP 


Any Linux command will generally give a reasonably detailed explanation of its
function and syntax when the --help parameter is used. The help is often several
pages long so use of the | more (pipe) at the end of the command is recommended
on any command that generates large amounts of output. It shows the results a page
at a time. For example: ls --help | more


Alternatively, you can use man to view the help pages for a particular command. For
example, use man man to view the help pages for the man command.


Note: Also note that Linux terminals support Tab completion to help in entering
commands. You can use Shift+Page Up or Shift+Page Down and Ctrl+Shift+Up Arrow
or Ctrl+Shift+Down Arrow to scroll. Use the Up and Down arrow keys to scroll through
previously used commands. Use q to quit a command.


LINUX DISK AND FILE MANAGEMENT 


In Linux, the directory structure is defined as a File System Hierarchy. Unlike
Windows, drive letters like C: or D: are not used. The file system starts at the root,
represented by /. Directories and subdirectories can be created from the root to store
files.


It is important to realize that everything available to the Linux OS is represented as a 
file in the file system, including devices. This is referred to as the unified file system. 
For example, a single hard drive attached to a SATA port would normally be 
represented in the file system by /dev/sda. A second storage device—perhaps one 
attached to a USB port—would be represented as /dev/sdb. 


When Linux boots, a system kernel and virtual file system are loaded to a RAM drive. 
The virtual file system identifies the location of the persistent root partition from the 
appropriate storage device and loads the file system stored on the disk. 


MOUNTING PARTITIONS 

A file system configured on a partition on a particular storage device is attached to a 
particular directory (mount point) within the unified file system using the mount 
command. For example, the following command mounts partition 1 on the mass 
storage device sda to the directory /mnt/diskC. 

mount /dev/sda1 /mnt/diskC


Mountable file systems are listed in the /etc/fstab file. 


Note: Think of the root file system representing everything on the computer as "THE" file
system and a file system for a particular partition as just "A" file system.


LINUX FILE SYSTEMS


Most Linux distributions use some version of the ext file system to format partitions 
on mass storage devices. ext3 is a 64-bit file system with support for journaling, which 
means that the file system tracks changes, giving better reliability and less chance of 
file corruption in the event of crashes or power outages. Support for journaling is the 
main difference between ext3 and its predecessor (ext2). ext4 delivers significantly 
better performance than ext3 and would usually represent the best choice for new 
systems. 


Linux can also support FAT/FAT32, though it is designated as VFAT. Additional
protocols, such as the Network File System (NFS), can be used to mount remote
storage devices into the local file system.


Using YaST to format a partition.


SWAP PARTITION 


Virtual memory allows a computer to use disk space to supplement the amount of 
system RAM installed. If applications or data files use up the available physical 
memory, "pages" of data from RAM can be written to swap space on a disk to free up 
some space. If the paged data is required again, it is transferred from the swap space 
back to RAM. 


Most default installations of Linux create a swap partition to use as swap space. The 
swap partition is formatted with a minimal kind of file system. It can only be used by 
the memory manager and not for storage of ordinary data files. 


DISK MANAGEMENT COMMANDS 


The file system choice can be made when the disk has been partitioned. Most Linux 
distros provide GUI tools for managing disks and file systems, but the following 
represent the main command-line options: 


* fdisk—used to create and manage partitions on a hard disk.
* mkfs—used to format a partition.
* mkswap—used to format a swap partition. The swapon command is used to
activate the partition as swap space.
* dd—make a copy of an input file (if=) to an output file (of=) and apply optional
conversions to the file data. One notable use of dd is to clone a disk (in the
following, sda might be the fixed drive and sdb a removable drive):
dd if=/dev/sda of=/dev/sdb
  * You would need to boot from a live CD so that the file system was not mounted
  at the time of cloning. You can also clone a disk to a disk image (.img) file:
  dd if=/dev/sda of=/mnt/usbstick/backup.img
  * To restore, you could simply reverse the input and output files:
  dd if=/mnt/usbstick/backup.img of=/dev/sda


NAVIGATION IN THE LINUX DIRECTORY STRUCTURE 


The core commands that a technician should know to navigate the Linux file structure
include ls, cp, mv, rm, and cd, along with many more. This table describes these
commands and how to use them.


Command: ls
Used to: List files
Description and examples: The ls command is used to display a folder in the same way
as dir at the Windows command prompt. Popular parameters include -l to display a
detailed (long) list and -a to display all files including hidden or system files. The
following example shows the entire contents of the /etc directory in a detailed format:
ls -l -a /etc


Command: pwd
Used to: Print working directory
Description and examples: The pwd command simply displays the current directory you
are working in. Any commands you use which don't specify a directory will assume your
current one. The prompt on some distros will show your current working directory or a ~
symbol, which indicates you are in your home directory.


Command: cd
Used to: Change directory
Description and examples: The cd command is used to change your working directory.
Typical syntax would be:

* cd /etc—change directory to /etc. This is an absolute path (begins with /) so will
work regardless of your current directory.

* cd documents—change your directory to a subdirectory called documents. This is
a relative path. The documents directory must exist below the current directory.


* cd ..—change your directory to the parent directory of the one you are currently
working in.


Command: cp
Used to: Copy files
Description and examples: The cp command is used to create a copy of files either in
the same or different folder with the same or different name. For example:

* cp file1.txt file1.old—copy file1.txt in the current working directory to a new file
called file1.old in the same directory.

* cp /etc/hosts /tmp—copy the file hosts from the directory /etc into the
directory /tmp, keeping the file name the same.

* cp -v /var/log/message* /home/usera—copy all files beginning with the name
message from the /var/log directory into /home/usera. The -v option displays the
files copied.


Command: mv
Used to: Move files
Description and examples: The mv command is used to either move files from one
directory to another or rename a file. For example:

* mv /home/usera/data.txt /tmp—move the file data.txt from the /home/usera
directory to the /tmp directory, keeping the file name the same.

* mv alarm.dat /tmp/alarm.bak—move and rename the file alarm.dat in the current
directory to alarm.bak in /tmp.

* mv /var/log/app1.log /var/log/app1.old—rename the file app1.log in the /var/log
folder to app1.old.


Command: rm
Used to: Remove files
Description and examples: The rm command is potentially very dangerous if used
incorrectly. Although its main role is to delete files, with an additional parameter (-r)
it can also be used to delete directories. For example:

* rm data.old—remove the single file data.old from the current working directory.

* rm /var/log/*.bak—remove all files ending in .bak from the /var/log directory.

* rm -r /home/usera/data—remove the contents of the entire directory tree
underneath the folder /home/usera/data.


Caution: Use the -r switch with caution!


Note: Remember that Linux commands operate without prompts that would allow you
to cancel.


Command: grep
Used to: Filter files
Description and examples: The grep (Globally search a Regular Expression and Print)
command is used to search and filter the contents of files, displaying the lines that
match the search string. The search string can be a simple text value to match (a
literal) or can use a sophisticated pattern-matching system called regular expressions
(regex). grep is especially useful for searching long files such as system logs. For
example, the following command displays only the lines in the Linux system log file
for messages that contain the text uid=1003, ignoring the case of the text:

* grep -i "uid=1003" /var/log/messages

The grep command can also be used to search a directory for a certain file. The
ls -l | grep audit command returns a long listing of any files in the current directory
whose name contains audit.


LINUX FILE EDITORS 


vi or vim is a text file editor derived from a UNIX original. Although this tool is very 
powerful, it is based on letter- and number-based commands to modify the text. For 
example, dd when pressed will delete the whole line the cursor is on; 5dd would delete 
5 whole lines. When vi is in command mode, input such as this is interpreted as a 
command. 


To enter text, you need to switch to insert mode by pressing an appropriate command 
key. For example, i switches to insert mode at the current cursor position, a appends 
text at the end of the current line, and o inserts text on a new line below the current 
line. The Esc key switches from insert mode back to command mode. 


To save a file, use :w from command mode. To save and quit, use :wq. :q! quits without 
saving. 

There are other command-line editors, such as mcedit, nano, pico, or joe, that are 
easier to learn to use. 


LINUX USER ACCOUNTS 


Linux, like most operating systems, supports multiple users. The root user, also known 
as the superuser, is the default administrative account on a Linux system. This 
account can do anything on the system. You should only use this account when 
absolutely necessary. For most Linux distributions, you create a regular user when you 
are installing Linux. This is the user you should log on as for day-to-day tasks. Even 
many administrative tasks can be performed more safely under the regular user 
account. 


User accounts are linked to a primary group, which determines many aspects of
security in Linux. User settings are stored in the /etc/passwd file and group settings
are stored in the /etc/group file. The user password is typically stored as an encrypted
hash in the /etc/shadow file, along with other password settings, such as age and
expiration date. The command-line utilities useradd, usermod, and userdel can
be used to add, modify, and delete user information. The groupadd, groupmod,
and groupdel commands can be used to manage groups.

A user can belong to many groups but can only have one effective group ID at any
one time. The effective group ID is listed for the user account in /etc/passwd and can
be changed using the newgrp command.

Many distros have GUI-based utilities that allow user and group management. YaST is
an example of one of these.


User and group Administration tool in YaST.


su (Superuser) 

The su command allows a normal Linux user to become superuser (or root). The 
command will prompt the user for the root user's password. Additionally, it is possible 
to put a different user name after the su command and become that user, assuming 
the password is known. 


Using su without an option retains the original user's profile and variables. The 
switched user also remains in the home directory of the original user. Using su - 
changes users and launches a new shell under the context of that new user. This is a 
much better practice. 


sudo (Superuser Do) 

The sudo command allows a normal user to run specified commands with superuser 
privilege level. The superuser first has to edit the /etc/sudoers file listing the 
commands and users that are allowed to run them. The user enters the sudo 
command followed by the path of the command they wish to run. The user might be 
asked to confirm his or her password, if it has not been cached recently. 


passwd (Password Utility) 


The passwd command allows a user to change their own password or superuser
(root) to change or reset someone else's. When a user runs the command, Linux will
prompt first for the existing password then the new one, twice. The superuser can
reset another user's password by typing the user name after the command. The
existing password is not required in this case. To reset the password for the user
fredb, the superuser would enter the command passwd fredb


Note: Don't confuse passwd with pwd (Print Working Directory).


LINUX FILE SYSTEM PERMISSIONS


The Linux file system has a relatively simple security system compared to Windows 
NTFS. There are just three different rights, as shown in the following table. 


Access Right    Enables You To:

Read (r)        View the contents of a file or directory.

Write (w)       Modify or delete the object (in the case of directories, allows adding,
                deleting, or renaming files within the directory).

Execute (x)     Run an executable file or script. For directories, execute allows the
                user to do things like change the focus to the directory and access or
                search items within it.


For each object, these permissions are set for the owner, for the group the owner 
belongs to or that the object has been assigned to, and for other users ("the world"). 
Using symbolic notation, each permission is allowed (r or w or x) or denied (-). If you
run ls -l to obtain a directory listing, directory or file object permissions will be
shown as follows:


* drwxr-xr-x 2 administrator administrator Desktop
* -rw-rw-r-- 1 administrator administrator MEMO.txt


The leading character designates the file type. For example, - represents a regular file
and d indicates a directory. The permissions for the Desktop directory show that the
owner (administrator) has full (rwx) permissions, whereas the group (also
administrator) and others have read and execute (r-x). For the MEMO.txt file, the user
and group have read/write (rw-) permissions, whereas others have read permissions
only (r--).


Permissions can also be expressed numerically, using the octal value format shown in
the following table. An octal digit can represent one of eight values (0-7):


Digit  Permission  Binary Value  Rights

0      ---         0000          Deny all
1      --x         0001          Execute
2      -w-         0010          Write
3      -wx         0011          Write and execute
4      r--         0100          Read-only
5      r-x         0101          Read and execute
6      rw-         0110          Read and write
7      rwx         0111          Allow all


So, for example, a file with numeric permission 0775 (the leading zero identifies the 
value as an octal, but can often be omitted) grants all rights to the owner and the 
owner's group and Read/Execute rights to everyone else. 


Note: Remember that Execute=1, Write=2, and Read=4—add those values together to get 
a particular combination of permissions. 


From the shell, the chmod command can be used to secure files and directories, using
either symbolic or octal notation. Only the owner can change permissions. The
command chown allows the superuser to change the owner of a file or directory,
whereas chgrp can be used to change the group.


Original file permissions:

[root@localhost ~]# ls -l
total 72
-rw------- 1 root root  1486 May 25 11:48 anaconda-ks.cfg
drwxr-xr-x 2 root root  4096 Jun 25 08:32 Desktop
-rw-r--r-- 1 root root 38599 May 25 11:48 install.log
-rw-r--r-- 1 root root  3915 May 25 11:48 install.log.syslog
drwxr-xr-x 2 root root  4096 Jun 24 16:33 links
-rwxr--r-- 1 root root  3597 Jun 25 08:36 Office_Products.txt

chmod alters permissions (permissions changes confirmed):

[root@localhost ~]# chmod -v ugo+wx Office_Products.txt
mode of ‘Office_Products.txt’ changed to 0777 (rwxrwxrwx)

Altered file permissions:

[root@localhost ~]# ls -l
total 72
-rw------- 1 root root  1486 May 25 11:48 anaconda-ks.cfg
drwxr-xr-x 2 root root  4096 Jun 25 08:32 Desktop
-rw-r--r-- 1 root root 38599 May 25 11:48 install.log
-rw-r--r-- 1 root root  3915 May 25 11:48 install.log.syslog
drwxr-xr-x 2 root root  4096 Jun 24 16:33 links
-rwxrwxrwx 1 root root  3597 Jun 25 08:36 Office_Products.txt
[root@localhost ~]#


Modifying permissions using the chmod command.
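
The octal and symbolic notations above, and the effect of the chmod ugo+wx command in the figure, worked through as an added example that is not part of the course text. The helper names (digit_to_rwx, octal_to_symbolic, perm_string, find_world_writable) are chosen here, and the file is a constructed stand-in created in a scratch directory.

```shell
# digit_to_rwx DIGIT: one octal digit (0-7) to its rwx triplet (Read=4, Write=2, Execute=1).
digit_to_rwx() {
    out=""
    if [ $(( $1 & 4 )) -ne 0 ]; then out="${out}r"; else out="${out}-"; fi
    if [ $(( $1 & 2 )) -ne 0 ]; then out="${out}w"; else out="${out}-"; fi
    if [ $(( $1 & 1 )) -ne 0 ]; then out="${out}x"; else out="${out}-"; fi
    printf '%s' "$out"
}

# octal_to_symbolic MODE: 775 or 0775 -> rwxrwxr-x (owner, group, others).
# Modes with a non-zero leading digit (setuid/setgid/sticky) are rejected, not guessed at.
octal_to_symbolic() {
    mode=$1
    case $mode in
        0[0-7][0-7][0-7]) mode=${mode#0} ;;
        [0-7][0-7][0-7]) ;;
        *) echo "unsupported mode: $1" >&2; return 1 ;;
    esac
    rest=${mode#?}                      # group and other digits
    printf '%s%s%s\n' "$(digit_to_rwx "${mode%??}")" \
                      "$(digit_to_rwx "${rest%?}")" \
                      "$(digit_to_rwx "${mode#??}")"
}

# perm_string PATH: the nine permission characters that ls -l shows for PATH.
perm_string() {
    ls -ld -- "$1" | cut -c2-10
}

# find_world_writable DIR: regular files under DIR that "others" may write to.
find_world_writable() {
    find "$1" -type f -perm -0002
}

# Constructed demo: repeat the chmod from the figure on a stand-in file.
scratch=$(mktemp -d)
: > "$scratch/Office_Products.txt"
chmod 0744 "$scratch/Office_Products.txt"      # rwxr--r--, as in the first listing
chmod ugo+wx "$scratch/Office_Products.txt"    # the command from the figure
echo "after ugo+wx: $(perm_string "$scratch/Office_Products.txt")"
echo "world-writable files found:"
find_world_writable "$scratch"
chmod o-w "$scratch/Office_Products.txt"       # remove write access for others
echo "after o-w:    $(perm_string "$scratch/Office_Products.txt") (0775 is $(octal_to_symbolic 0775))"
rm -rf "$scratch"
```

Mode 0777 lets any account on the system modify or replace the file, which is why a search for world-writable files is a routine permissions check.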


LINUX SOFTWARE MANAGEMENT 


A distribution contains any software packages the distribution vendor or sponsor 
considers appropriate. Copies of these packages (including any updates) will be posted 
to a software repository. Often the vendor will maintain different repositories. For 
example, there may be one for officially supported package versions, one for beta/ 
untested versions, and one for "at own risk" unsupported packages. 


The integrity of a package is usually tested by making a cryptographic hash of the
compiled package, using a function such as MD5 or SHA-256. The hash value and
function are published on the package vendor's site. When you download a package, you
can run the same function on the package file (using a command such as md5sum or
sha256sum) and compare the output with the published value. If they do not match,
you should not proceed with the installation.
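
One way to script the hash comparison described above, as an added example rather than course material. The names verify_download and sha256_of are chosen here, the checksum list is assumed to use sha256sum's own output format, and the package file is constructed for the demo; it uses SHA-256 because MD5 is no longer collision-resistant.

```shell
# sha256_of FILE: print the lowercase SHA-256 hex digest of FILE.
# Uses sha256sum (named in the text); falls back to shasum where that is absent.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum < "$1" | awk '{ print tolower($1) }'
    else
        shasum -a 256 < "$1" | awk '{ print tolower($1) }'
    fi
}

# verify_download FILE SUMS: compare FILE against its entry in a checksum list.
# SUMS holds one "<64 hex digits>  <file name>" line per file (sha256sum format).
# Returns 0 = match, 1 = mismatch, 2 = cannot verify (fail closed: do not install).
verify_download() {
    file=$1
    sums=$2
    [ -f "$file" ] && [ -f "$sums" ] || { echo "missing file or checksum list" >&2; return 2; }
    name=${file##*/}
    # Look up the published digest by file name (names containing spaces are not handled).
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); exit }' "$sums")
    # A missing or malformed entry is an error, not "nothing to check".
    case $expected in
        ""|*[!0-9a-f]*) echo "no valid published hash for $name" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "published hash for $name has wrong length" >&2; return 2; }
    actual=$(sha256_of "$file")
    if [ "$actual" = "$expected" ]; then
        echo "OK: $name matches the published SHA-256"
        return 0
    fi
    echo "MISMATCH: $name" >&2
    echo "  published: $expected" >&2
    echo "  computed:  $actual" >&2
    return 1
}

# Constructed demo: a stand-in package and the checksum list a vendor would publish.
demo=$(mktemp -d)
printf 'constructed package payload\n' > "$demo/demo-1.0.pkg"
printf '%s  %s\n' "$(sha256_of "$demo/demo-1.0.pkg")" "demo-1.0.pkg" > "$demo/SHA256SUMS"
verify_download "$demo/demo-1.0.pkg" "$demo/SHA256SUMS"          # match
printf 'X' >> "$demo/demo-1.0.pkg"                               # simulate a corrupted or altered download
verify_download "$demo/demo-1.0.pkg" "$demo/SHA256SUMS" || echo "installation stopped (exit $?)"
rm -rf "$demo"
```

The comparison only means something when the published value is fetched from the vendor over a trusted channel, separately from the package file itself.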


PACKAGE MANAGERS (APT-GET) 

Linux software is made available both as source code and as pre-compiled 
applications. A source code package needs to be run through the appropriate compiler 
with the preferred options. Pre-compiled packages can be installed using various tools, 
such as rpm (Red Hat Package Manager), apt (Debian), or yum (Fedora). Many
distributions also provide GUI package manager front-ends to these command-line
tools.


YaST package manager in SUSE.


The following uses of apt-get provide some examples of how packages are 
managed at the command line: 


* apt-get update—refresh the local database with information about the 
packages available from the repository. 
* apt-get upgrade—update all packages with the latest versions. 


* apt-get install PackageName—install a new application. 


LINUX SYSTEM COMMANDS 


There are many tools and techniques available to troubleshoot issues with applications 
or update the network configuration. You should also know how to shut down or 
reboot a Linux PC. 


Command           Description 

ps and kill       The ps command displays the Linux processes (programs) that 
                  are currently running. Each process has a system-generated 
                  process ID, which can be used with the kill command to end 
                  the process. The parameter -ef displays processes being run by 
                  all users along with a more detailed display. 

ifconfig and      The ifconfig and iwconfig tools display the current state 
iwconfig          of the network interfaces within Linux. ifconfig is the original 
                  tool designed for cabled Ethernet interfaces, whereas iwconfig 
                  displays information about the wireless adapters configured 
                  within the system. 

shutdown          Linux is designed to be a very stable operating system and the 
                  server versions often run non-stop for months or even years at a 
                  time. However, the desktop versions are likely to be powered on 
                  and off much more often. The shutdown command has two 
                  main parameters: -h to halt or -r to reboot the system, followed 
                  by when the event should take place. Examples of this could be 
                  now, +10 (+10 meaning ten minutes from now), or 17:30 (to 
                  specify an exact time). 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Configure and Use Linux. 
Activity 13-1 


Discussing Linux Configuration and Use 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What type of file system is usually used for the Linux boot partition? 


2. What command would you normally need to run in order to access the 
contents of a USB memory stick inserted into Linux? 


3. Which Linux command will display detailed information about all files and 
directories in the current directory, including system files? 


4. A command has generated a large amount of data on the screen. 


What could you add to the command to make the output more readable? 


5. What command would allow you to delete the contents of the folder 
/home/fred/junk and all its subdirectories? 


6. What command could you use to move a file names.doc from your current 
directory to the USB stick linked to folder /mnt/usb? 


7. A file is secured with the numeric permissions 0774. 


What rights does another user account have over the file? 


8. What command allows file and directory permissions to be changed? 


9. Which Linux command allows a user to run a specific command or program 
with superuser/root privileges? 
10. Which file contains the list of user accounts created on Linux? 


11. You want your Linux PC to close gracefully at 9:00 p.m., as a scheduled power 
outage is planned at 12:00 midnight. 


How could you do this? 
Activity 13-2 


Configuring and Using Linux 


BEFORE YOU BEGIN 
Complete this activity by using Hyper-V Manager and the LX1 (CentOS Linux) VM. 


Remember that all commands and input in Linux are case-sensitive. 
Whenever you are prompted for a password, use Pa$$w0rd. 


SCENARIO 
In this activity, you will investigate some of the features of the Linux GNOME desktop 
environment, plus some command-line tools. 


1. Use Hyper-V Manager to start the LX1 VM and sign on using the account centos 
and password Pa$$w0rd. Identify the main elements of the desktop environment. 

a) In Hyper-V Manager, right-click LX1 and select Start. Double-click the VM to open the 
connection window. 

b) When the VM has booted, select the centos account icon. 

c) Type Pa$$w0rd and then press Enter to sign on. 
Note: The first time users log in, they are prompted to configure localization 
settings. If a Welcome screen is displayed, accept the defaults or other settings 
as your instructor suggests. 


d) View the desktop. 


e) Note the following features of the desktop. 
* The Applications menu contains shortcuts to software, while Places contains 
shortcuts to file system locations. 
* The right-hand icon on the menu bar accesses settings, plus options for signing 
out or shutting down the PC. 
* The bottom taskbar shows open windows. You can switch between workspaces 
(multiple desktops) using the "1/4" icon at the bottom right. 


f) Select the power icon and then select the Settings icon. Browse some of the 
options, such as Network. 
The Settings page contains configuration options similar to Windows Control Panel. 
g) Close the Settings window. 


2. Use the file browser to identify some of the principal directories in the Linux file 
system. 


a) Double-click the Home icon on the desktop. 
This starts in the current user's home directory. 


b) Select Other Locations and then Computer to view the File System Hierarchy (FSH). 




c) Note some of the key root directories. 
* /boot—boot loader files. 
* /etc—computer-level configuration files. 
* /var—variable files, such as logs, print spoolers, and cache. 
* /usr—shareable and read-only data and binaries. 
* /bin and /sbin—core and system binary files (applications). 
* /mnt—location for temporary file systems. 
* /dev—files representing devices. 


d) You can see the top-level home directory here. If you open this you will see the 
directory for the centos user. 


3. Linux is predominantly configured via commands operating on text-based 
configuration files. 


a) Right-click the desktop and select Open Terminal. 

b) In the terminal window, type ls -l and press Enter. 

This displays a detailed list of files in the current folder (with permissions, modified 
date, and so on). 

c) Type cd desktop and press Enter. Why does this return an error message? 
The directory is Desktop, not desktop. Remember that the Linux file system is 
case-sensitive. 

d) Use the correct command to change to the Desktop directory then use ls to return a 
file list. Is the directory empty? 

e) In the terminal window, type vi and press Enter. 


This text editor opens in command mode. 
Note: For users familiar with Microsoft Windows editors such as Notepad, vi 
can seem challenging at first. With a little practice and memorizing some of 
the important modes and commands, it becomes easier to use. 

f) Type i to switch to insert mode at the current cursor position. Notice that the bottom 
of the window now shows -- INSERT -- to indicate that you are in insert mode. Type 
the following lines: 

I'm learning to use vi 
It's easy when you know how 

g) Press Esc to exit insert mode and return to command mode, and then type dd. 
Whenever you are about to issue a command, always use Esc first. 

h) Press Esc, and then type :w hello-vi.txt and press Enter to save the file as 
"hello-vi.txt" in the current directory. 


The :w is the command to write the file to the current directory. Linux doesn't require 
or use filename extensions, but adding a file extension helps users to identify the file 
type and makes it easier to share files with Windows users. 


i) Press Esc, and then type G followed by o. 


The G moves to the last line of the file. The lower case o opens a new line after the 
current line and places you in Insert mode. If you typed a capital O, it would open a 
new line before the current line. 


j) Type the following line: 
It could take a while 


k) Press Esc, type :q! and press Enter to quit the editor without saving changes. 


If you typed :q without the !, you would see an error message that the file was not 
written since the last change and be prompted to issue the command with the ! to 
override and close without saving. 


l) Type cp hello-vi.txt ../Documents/ and press Enter to copy the 
file to the Documents directory. 


m) Type cd / and press Enter to switch to the root directory. 


4. You can use the find and grep tools to search for files and file contents. Try to 
locate the httpd.conf file within the /etc directory, extract specific messages from 
the boot log (dmesg), and locate references to the network adapter (eth) in the 
system log (/var/log/messages). 


a) At the terminal, run the following command to get help on the find command. 
man find 


If you want to see more of the man page than fits on the screen, press Spacebar to 
view the next page, or press Enter to display the next line. 

b) Press q to quit the help file. 

c) Run the following command to locate httpd.conf (the principal configuration file for 
the Apache web server). 
find /etc -name 'httpd.conf' 
Observe that a lot of "Permission Denied" errors are returned. You can prefix the 
command with sudo so that the search can access those directories. Alternatively, 
you can filter out the errors by using grep. 
find /etc -name 'httpd.conf' 2>&1 | grep -v 'Permission denied' 


Note: If this prints with a break in the command, enter it as a single 
command (ignoring the line break). 


The -v switch is a way of specifying NOT the matched string. The parameter 2>&1 
ensures that the error output is included in the string piped to grep. 


d) Run the command dmesg to show the contents of the boot log. 
You can see that this is a long list of output so using a search tool will be very helpful. 
e) Run the following command to filter for events relating to initializing the disks: 
dmesg | grep 'sd\|mount' 
Within the match expression, the pipe character (|) works as a logical OR. It must be 
escaped using \| however. The effect is to search for the keywords sd OR mount. 

f) To search the system log for references to the network adapter, use the following 
command—confirm with Pa$$w0rd when you are prompted: 


sudo grep 'eth' /var/log/messages | less 


Note that less is similar to more. It allows you to view the output one page at a time 
but also to scroll back up through the output. 


g) Press q to quit viewing the output. 
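
The filtering from steps c) and e) can be checked against known input. The following is an added example, not part of the original activity: fake_find and fake_dmesg are hypothetical stand-ins that emit constructed sample lines, so the effect of 2>&1 and of the escaped pipe can be counted.

```shell
#!/bin/sh
# Added example. All sample output below is constructed, not captured from the VM.

# Stand-in for `find /etc -name 'httpd.conf'` run without sudo:
# the match goes to stdout, the errors go to stderr.
fake_find() {
    echo "/etc/httpd/conf/httpd.conf"
    echo "find: '/etc/audit': Permission denied" >&2
    echo "find: '/etc/polkit-1/rules.d': Permission denied" >&2
}

# Stand-in for dmesg: constructed boot-log lines.
fake_dmesg() {
    cat <<'EOF'
[    1.204] sd 0:0:0:0: [sda] 134217728 512-byte logical blocks
[    1.377] usb 1-1: new high-speed USB device
[    2.910] XFS (dm-0): Mounting V5 Filesystem
[    3.002] EXT4-fs (sdb1): mounted filesystem
EOF
}

# Step c): 2>&1 merges stderr into stdout, so grep -v can drop the errors.
find_filtered() {
    fake_find 2>&1 | grep -v 'Permission denied'
}

# How many lines travel down the pipe with and without the merge.
# A pipe carries stdout only; unmerged stderr bypasses grep entirely
# (it is discarded here instead of being printed to the terminal).
lines_piped_with_merge()    { fake_find 2>&1 | grep -c ''; }
lines_piped_without_merge() { fake_find 2>/dev/null | grep -c ''; }

# Step e): in basic regex (grep's default) a bare | is a literal character.
# GNU grep, as shipped with CentOS, accepts \| as OR; grep -E takes a bare |.
count_bre_escaped() { fake_dmesg | grep -c 'sd\|mount' || true; }
count_bre_plain()   { fake_dmesg | grep -c 'sd|mount' || true; }
count_ere()         { fake_dmesg | grep -Ec 'sd|mount' || true; }

echo "filtered find output:        $(find_filtered)"
echo "lines piped with 2>&1:       $(lines_piped_with_merge)"
echo "lines piped without 2>&1:    $(lines_piped_without_merge)"
echo "matches for 'sd\\|mount':     $(count_bre_escaped)"
echo "matches for 'sd|mount':      $(count_bre_plain)"
echo "matches for -E 'sd|mount':   $(count_ere)"
```

The "Mounting" line is not counted because grep is case-sensitive unless -i is given.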


5. Next, create a new user account named Sam with the password Pa$$w0rd. Create 
a group named SharedDisk and add Sam to the group. 


a) Create the new group first, by running the following command: 


sudo groupadd SharedDisk 
b) Create the new user account, and add it to the group with the following command: 


sudo useradd -G SharedDisk Sam 
c) Configure the user password by running the following command: 


sudo passwd Sam 


When prompted, enter and confirm the password as Pa$$w0rd 
Note that CentOS correctly advises you that this is a bad password to use. It is 
especially bad to use it for each user account, including root. 

d) To test the account, press Ctrl+Alt+F2 to open a new console. Enter the user name 
Sam and confirm the password when prompted. 

e) Switch back to the centos user console by pressing Ctrl+Alt+F1. 


6. The LX1 VM has a second virtual disk attached. For the next step, list the disks 
attached to the system, and then configure and format a file system on the 
second device. 


a) In the terminal window, type sudo fdisk -l and press Enter. 


[administrator@lx5 ~]$ sudo fdisk -l 
WARNING: fdisk GPT support is currently new, and therefore in an experimental phase. Use at your own discretion. 

Disk /dev/sda: 68.7 GB, 68719476736 bytes, 134217728 sectors 
Units = sectors of 1 * 512 = 512 bytes 
Sector size (logical/physical): 512 bytes / 4096 bytes 
I/O size (minimum/optimal): 4096 bytes / 4096 bytes 
Disk label type: gpt 
Disk identifier: BE17ECA1-B2EE-4873-B33F-5C867E3EB67E 

#         Start          End    Size  Type             Name 
 1         2048       411647    200M  EFI System       EFI System Partition 
 2       411648      2508799      1G  Microsoft basic 
 3      2508800    134215679   62.8G  Linux LVM 

Disk /dev/sdb: 10.7 GB, 10737418240 bytes, 20971520 sectors 
Units = sectors of 1 * 512 = 512 bytes 
Sector size (logical/physical): 512 bytes / 4096 bytes 
I/O size (minimum/optimal): 4096 bytes / 4096 bytes 

Disk /dev/mapper/centos-root: 42.6 GB, 42601545728 bytes, 83206144 sectors 


b) Examine the results. 
fdisk shows information about the disk. sda is the disk that CentOS is installed to 
while sdb is the unformatted disk. On sda, you can see three partitions, for the EFI 
system, boot files (note that fdisk reports XFS as "Microsoft basic"), and an LVM 
partition. Logical Volume Manager (LVM) is used to divide this partition into logical 
block devices, hosting volumes for root and home storage areas plus a swap partition. 
The advantage of using LVM, rather than basic partitions, is that the volumes can be 
shrunk or expanded or configured with some sort of RAID protection as required. 

c) Run sudo parted -l and compare the output to fdisk. 

Note that parted correctly reports the file system type as XFS. Most other Linux 
distributions use ext3 or ext4, but XFS is the default in CentOS and Red Hat. 

d) To use parted to initialize the disk and create a new partition using all the 
available disk space, run the following commands in sequence (press Enter after each 
command): 

sudo parted /dev/sdb 
print free 
mklabel gpt 
mkpart primary 

e) Respond to the prompts with the following input to choose a file system type and set 
the start and end of the partition: 

fat32 
0% 
100% 

f) Run the following commands to check the new partition was created successfully and 
quit parted: 

print 
quit 

Note the warning about updating /etc/fstab. While you have created a partition, you 
have not yet mounted it to make it available for file storage. /etc/fstab is a file 
containing a list of file systems to mount at boot time. 

g) Run lsblk to view the new disk and partition structure. 

h) Run the following command to format the new partition, using FAT32: 

sudo mkfs.vfat -n SharedDisk /dev/sdb1 


7. Create a directory to host the new partition and then mount it to that directory. 
See if you can set permissions to restrict use to the SharedDisk group. Use man 
mount to research the command syntax. 


a) Create a directory for the mount point, and then mount the partition using the 
following commands: 

sudo mkdir /media/disk1 
sudo mount -t vfat /dev/sdb1 /media/disk1 -o rw,umask=0007,gid=SharedDisk,uid=Sam 

The mount options set the disk to read/write mode and configure the default 
permissions (umask). The mask contains values to subtract from the permissions 
granted, so this mask means files and folders are created on the partition with 0770 
(rwx for the owner and group but no permissions for "world"). If you were to set the 
mask to 0022, the default permissions would be 0755 (rwx for the owner, rx for the 
group and world). The gid and uid parameters set the default group and user. 

b) Run the following command to view the file systems formatted with XFS or FAT that 
are currently mounted: 

mount | grep 'xfs\|fat' 

Note that the partition is only mounted temporarily. To mount at boot, the partition 
must be added to /etc/fstab. You won't attempt that in this activity. 


c) Run nano /media/disk1/hello.txt to try to create a text file on the 
new partition. Add some text then use Ctrl+O plus Enter to try to save the file. 
Permission is denied. Only the user account Sam and members of the group 
SharedDisk have access. 


d) Press Ctrl+X to close nano, responding with n to the prompt. 

e) Run the following commands to add the centos user account to the SharedDisk group 
and then to make that group current. 
sudo usermod -a -G SharedDisk centos 
newgrp SharedDisk 

f) Run nano /media/disk1/hello.txt to create a text file on the new 
partition. Add some text then use Ctrl+O and then press Enter to save the file. 
This should work. 

g) Press Ctrl+X to close nano. 

h) Press Ctrl+Alt+F2 to switch to the Sam user's console. Run the following command to 
view the partition and open the file: 
cd /media/disk1 
ls -l 
nano hello.txt 


i) Check that you can modify the file then save and close it. 
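
The access results seen in step 7 follow directly from the umask, uid and gid mount options. The following is an added example, not part of the original activity: the helper names and the group lists given for each account are assumptions, and the script only models the permission arithmetic without mounting anything.

```shell
#!/bin/sh
# Added example: models how the vfat mount options from step 7 decide access.
# Helper names and the sample group memberships are assumptions.
# root bypasses these checks and is not modelled.

# opt_value KEY OPTSTRING: print the value of KEY from a comma-separated -o string.
opt_value() {
    _old_ifs=$IFS
    IFS=,
    for _kv in $2; do
        case $_kv in
            "$1"=*) IFS=$_old_ifs; printf '%s\n' "${_kv#*=}"; return 0 ;;
        esac
    done
    IFS=$_old_ifs
    return 1
}

# effective_mode UMASK: octal mode left once the mask bits are removed from 0777.
effective_mode() {
    printf '%04o\n' $(( 0777 & ~0$1 ))
}

# rwx_bits DIGIT: symbolic form of a single octal permission digit.
rwx_bits() {
    case $1 in
        0) echo '---' ;; 1) echo '--x' ;; 2) echo '-w-' ;; 3) echo '-wx' ;;
        4) echo 'r--' ;; 5) echo 'r-x' ;; 6) echo 'rw-' ;; 7) echo 'rwx' ;;
    esac
}

# access_for USER "GROUP LIST" OPTSTRING: rights USER gets on the mounted volume.
# The owner digit applies to uid=, the group digit to members of gid=,
# and the last digit to everyone else.
access_for() {
    _mode=$(effective_mode "$(opt_value umask "$3")")
    _owner=$(opt_value uid "$3")
    _group=$(opt_value gid "$3")
    _m=$(( 0$_mode ))
    if [ "$1" = "$_owner" ]; then
        rwx_bits $(( (_m >> 6) & 7 ))
        return 0
    fi
    for _g in $2; do
        if [ "$_g" = "$_group" ]; then
            rwx_bits $(( (_m >> 3) & 7 ))
            return 0
        fi
    done
    rwx_bits $(( _m & 7 ))
}

OPTS='rw,umask=0007,gid=SharedDisk,uid=Sam'    # options used in step 7a
echo "umask 0007 gives mode $(effective_mode 0007)"
echo "umask 0022 gives mode $(effective_mode 0022)"
echo "centos before usermod: $(access_for centos 'centos wheel' "$OPTS")"
echo "centos after usermod:  $(access_for centos 'centos wheel SharedDisk' "$OPTS")"
echo "Sam:                   $(access_for Sam 'Sam SharedDisk' "$OPTS")"
```

Changing umask=0007 to umask=0022 in OPTS shows the trade-off described above: accounts outside the group gain r-x on the volume.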


8. Use the du and df commands to check disk space and usage, and then unmount 
the SharedDisk partition and run an integrity check using fsck. 
a) Press Ctrl+Alt+F1 to switch back to the centos user's console. 
b) Run the following command to show available space on all file systems except 
temporary ones: 
df | grep -v 'tmpfs' 
c) Run the following command to check how much space files in your home profile are 
using: 
du /home/centos 


d) Try to unmount the SharedDisk partition by running the following command: 
sudo umount /dev/sdb1 
Note the error. 


e) Switch to Sam's console and change focus to the default directory by running cd 
without arguments. 


f) Switch back to the administrator console and run umount again—it should work 
this time: 
sudo umount /dev/sdb1 

g) Use the following command to run an integrity check on the disk: 


sudo fsck.vfat /dev/sdb1 


9. Finally, use the ps and top utilities to report on process usage. 


a) Run ps -ef to show extended information (-f) about processes started by all users 
(-e). 
In the output, you can see the user and Process ID (PID). The "C" column shows an 
index of CPU usage. Note also the processes running in tty2 (Sam's console). 


b) Run the top command. This is a simple means of showing which processes are most 
active. 


c) Press q to quit. 
10. Use the command line to shut down the VM. 

a) Run the following command to try to shut down the VM. 
shutdown -h now 

b) Scroll up to locate the PID (the number in the second column of the ps -ef output) for 
Sam (or rerun the ps -ef command) and record the PID for Login - Sam. Run the 
following commands to kill Sam's session and shut down: 
sudo kill SamPID 
shutdown -h now 


Note that you are just using the kill command for this activity. This is not a good 
way to end a user's session. 


11. At the end of each activity, you need to close the VM. You will always discard any 
changes you made. 


a) From the connection window, select Action—Revert. 
b) If you are prompted to confirm, select the Revert button. 
Topic B 


Configure and Use macOS 


EXAM OBJECTIVES COVERED 
1002-1.3 Summarize general OS installation considerations and upgrade methods. 


1002-1.9 Given a scenario, use features and tools of the Mac OS and Linux client/desktop 
operating systems. 


Mac® computers from Apple® use the macOS® operating system. Mac users tend to be 
found in art, music, graphic design, and education because macOS includes apps 
geared to those audiences. In this topic, you will examine some of the important 
features and functions of macOS. 


APPLE MACS AND macOS 


macOS is the generic name for the operating system that powers Apple Mac 
computers. It was formerly known as Mac OS (from launch until 2001) and then OS X 
(from 2001 through to 2016). All macOS versions are based on UNIX technology, and 
many "under the hood" commands are shared between the two operating systems. 


Whereas Microsoft Windows can be installed and used on any PC with Intel 
architecture, macOS may only be installed on Apple's own hardware. By creating what 
has become known as a "walled garden" for their computers and software, Apple has 
been able to impose strict quality controls on the apps and devices that are available 
for the Mac. This has ensured that, compared to Windows, there are fewer outbreaks 
of viruses and malware and fewer system stability issues caused by faulty drivers or 
application/device conflicts. 


Note: You might hear the term "Hackintosh," which refers to installing macOS on non- 
Apple hardware, often as a virtual machine. Apple's license agreement only permits 
installation on Apple hardware. 


Note that macOS and iOS are separate operating systems. There are several visual and 
operational similarities between macOS and iOS and there are utilities to exchange 
information between the two, but it is not possible to run programs built for macOS on 
iOS and vice versa. iOS® is purely an OS for the iPhone® and iPad®, whereas macOS is 
only used for desktop and laptop computers. 


OS X AND macOS VERSIONS 


Since its release in 2001, OS X (and now macOS) has undergone regular 10.x updates 
and revisions to keep pace with updates to Apple Mac hardware. Updates and new 
versions are distributed free of charge through the App Store. OS X versions were 
originally named after big cats and then places in California; something that continues 
with the latest macOS releases. 


Unless the hardware is particularly old and can't be upgraded, most Apple Mac 
computers will now be running macOS High Sierra (10.13) or macOS Mojave (10.14). OS 
X 10.7 (Lion) is the earliest release that is still supported by Apple. If your Macintosh 
computer meets the minimum requirements for OS X installation, the hardware should 
all be compatible with the latest version of macOS. You can verify that your hardware is 
supported by examining the technical specifications at support.apple.com/specs. 
APPLE INPUT DEVICES 

You should be aware of some differences between the input devices used for Macs 
and those used for PCs. 

Apple Keyboards and Mice 


Although a Windows keyboard can be used on an Apple Mac (and vice versa), there are 
a number of differences between the keys: 

* Command—the equivalent of Ctrl on a Windows keyboard. For example, 
Command+C will copy to the clipboard as Ctrl+C does on a Windows computer. If 
you're using a Windows keyboard on a Mac, use the Windows key as the command 
key. 

* Option—equivalent of the Alt key. 

* Control—not the equivalent of Ctrl on a Windows keyboard! 

Apple mice do not feature obvious buttons. Older mice have five sensors that can be 
set to different actions via System Preferences. The later Magic Mouse models have 
a touchpad surface with gesture support. The Magic Trackpad has a larger working 
surface. 


Note: You can set up right-click in System Preferences or use Control+click. 


APPLE MAGIC TRACKPAD AND GESTURE SUPPORT 


Like the Magic Mouse®, the Magic Trackpad® supports gestures to control the user 
interface. Apple introduced gestures as a simple way to control macOS from a Magic 
Trackpad or built-in trackpad of a MacBook®. To see what gestures are available on the 
Mac or to change any of the settings, go to System Preferences—Trackpad. 




Configuring the trackpad. (Screenshot courtesy of Apple.) 
macOS FEATURES 


If you are using an Apple Mac computer for the first time, you will notice that the 
desktop and user interface is similar to a Windows-based PC in some respects but very 
different in others. As with Windows, a Mac boots to a graphical desktop environment. 
Any apps that have been installed and configured to launch at boot will also start. 


At the top of the screen is the menu bar. This is always present with all apps, but the 
menu titles shown will vary between different software. 




Menu bars with different apps running. (Screenshot courtesy of Apple.) 


To the left of the menu bar is the Apple menu, represented by the Apple icon. The 
items are consistent on this menu for all apps. Some of the key menu items are: 


* About this Mac: Displays basic support information about the computer. 




About this Mac. (Screenshot courtesy of Apple.) 

* Displays: Shows the current display and its configuration. Click Displays 
Preferences to change the display resolution of the screen, to calibrate the color 
settings, or to AirPlay the display to a device such as an Apple TV. 

* Storage: Shows the capacity and current usage of the internal hard drive as well as 
any external drives that are connected to the Mac. 

* Service: If the computer is under warranty or is protected by the AppleCare 
Protection Plan, clicking on the relevant links will bring up more information about 
the available support options. If there is a significant fault with the computer and it 
is covered by warranty or AppleCare, it is recommended that you follow the 
instructions and obtain help and support through an Apple Authorized Service 
Provider. 


In the top-right corner of the menu bar is the Status menu. This gives quick access to 
important key features of the computer. 




Status menu options vary according to the software that is installed (from left to right: Dropbox, Adobe 
Creative Cloud, Google Drive, Wacom Tablet, Evernote, Ring, Todoist, Skype, Arq, Skyfonts, Displays, 
Bluetooth, Wi-Fi, Drives, Keyboard Preferences and Day/Time). (Screenshot courtesy of Apple.) 


THE DOCK 


The dock at the bottom of the screen gives one-click access to your favorite apps and 
files, similar to the taskbar in Windows. You can change the way the dock behaves—to 
configure autohide or position it at another edge of the screen—by right-clicking near 
the vertical line at the right of the dock. 


The dock contains the Finder and Trash icons by default. (Screenshot courtesy of Apple.) 


To add a new app or file to the dock, click and drag the icon of the app/file into the 
dock. The Finder and Trash icons are always available in the dock. Apps that are open 
in the dock display a dot below the icon. 


Right-click any dock icon to change how that app/file behaves. In the options menu, 
you can remove that icon from the dock, select Open at login to start the app when 
the computer boots, and Show in Finder to find the location of the target file. 


SPOTLIGHT SEARCH 

Spotlight Search can be used to find almost anything on macOS. To start a new 
search, click the magnifying glass in the menu bar or press Command+Space to bring 
up the search box. You can change the document types that are searched in 
Preferences. If you wish to specifically exclude locations from Spotlight search, click 
the Privacy button to add a folder or drive to the excluded results. 


SYSTEM PREFERENCES 

The System Preferences panel is the equivalent of the Windows Control Panel. It is 
the central "go-to" place for changing settings and network options, and optimizing a 
macOS configuration. 



System Preferences. (Screenshot courtesy of Apple.) 


You can access the System Preferences panel from the Apple menu, from the 
System Preferences icon in the dock, or by entering system preferences from 
Spotlight Search. 


Note: If you are not sure where you would change a specific option, just start typing its 
name in the search box. For example, typing password in the search box will highlight all 
the options where a password may be set. 


MISSION CONTROL AND MULTIPLE DESKTOPS 

It is possible to configure macOS with multiple desktops (or spaces) using the 
Mission Control feature. This enables the user to set up one or more desktops with 
different sets of apps, backgrounds, and so on, which is an easy way of managing tasks 
more effectively. 


To set up a new desktop, activate Mission Control with the F3 key. At the top of the 
screen, it will display a small image of the current desktop with all the open apps 
below. Move your cursor to the top-right corner of this screen. A tab with a plus 
symbol will appear from the right. Click on it and a second desktop (Desktop 2; the 
original will have been renamed Desktop 1) will appear at the top. The open apps 
shown will still be running on Desktop 1. If you want an app to only run on Desktop 2, 
click its window and drag it on to the Desktop 2 screen at the top. 


Mission Control. (Screenshot courtesy of Apple.) 


It's possible to configure this further from the app menu in the dock. Right-click on an 
app and you will see the following menu: 


Options: Keep in Dock, Open at Login, Show in Finder 
Assign To: All Desktops, This Desktop, None 


Configuring Mission Control. (Screenshot courtesy of Apple.) 


As well as the standard options in the top half of this menu, you can choose to make 
an app available to all desktops, the currently displayed desktop, or no desktops at all. 
To switch between desktops, press the F3 key and choose a desktop. Alternatively, 
press Control+left or Control+right to cycle between screens. You can also swipe left 
or right with three/four fingers on the trackpad, depending on how it is configured. 

To remove a desktop, press F3 and hover the cursor over the desktop to be deleted, 
then click its Close icon. All apps associated with that (now deleted) desktop will revert 
to the main desktop. 
macOS FILE MANAGEMENT 


The Finder is the macOS equivalent of Explorer in Windows. It lets the user navigate 
all the files and folders on a Mac. It is always present and open in the dock. 


The Finder icon. (Screenshot courtesy of Apple.) 


When you first select Finder, it displays your most recently used files under Recents. 
Selecting one of the favorites in the sidebar will change that view. For example, 
selecting Applications will show the apps within that default macOS folder. 



Finder with Applications selected. (Screenshot courtesy of Apple.) 


HFS PLUS AND APFS 

Where Windows uses NTFS and Linux typically uses ext3 or ext4, Apple Mac 
workstations and laptops use the Extended Hierarchical File System (HFS Plus). HFS 
Plus supports many of the same features as NTFS but cannot perform native file/folder 
encryption. The maximum volume and file size is 8 exabytes. The only reserved 
characters are : and /. 


In macOS High Sierra and later, HFS Plus was updated to the Apple File System (APFS), 
which does support native file encryption. It also provides better support for SSDs. 
Upgrading to High Sierra (or later) automatically converts the startup volume from HFS 
Plus to APFS if the disk is an SSD. Otherwise, the file system can be converted without 
data loss using the Disk Utility. 


Note: While data loss is not expected, always make a backup before performing this type 
of operation. 


OPTICAL DRIVES AND REMOTE DISC 

Since 2016, no Apple Mac has been sold with an internal optical drive. While an 
external USB drive can be used, another option is the Remote Disc app, which lets the 
user access a CD/DVD drive on another Mac or Windows computer. This isn't suitable 
for audio CDs, DVD movies, recordable CDs/DVDs, or Windows installation disks, 
however. 


To set up Remote Disc sharing on a Mac, open System Preferences—Sharing then 
make sure the check box is ticked next to DVD or CD sharing. To access the optical 
drive, click Remote Disc in Finder. The Mac with the drive that has just been 
configured will be displayed. Click its icon to access the drive. 


iCloud 

iCloud is Apple's online storage solution for its users. It provides a central, shared 
location for mail, contacts, calendar, photos, notes, reminders, and so on, across 
macOS and iOS devices. By default, each user is provided with 5 GB of storage (at the 
time of writing), although it is possible to upgrade to more space for an additional 
monthly fee. This space is shared across all iCloud® components and devices. 


A keychain password cache can also be stored in iCloud to enable easy login to 
websites across macOS and iOS devices. 


To manage iCloud, open icloud.com and sign in using an Apple ID. To see usage, click 
the user name in the top-right of the browser window and select Settings. This will 
show the amount of storage used and the devices that are linked to this account. 



Configuring iCloud. (Screenshot courtesy of Apple.) 
macOS USERS AND PASSWORDS 


An Administrator account and an optional Guest User account are created when 
macOS is installed. To add a new account, open System Preferences—Users & 
Groups. Four types of account are available: Administrator, Standard, Managed 
with Parental Controls, and Sharing Only. The user's password can either be from 
iCloud or a separate password. 


* Administrator: This is the user type created when you set up your Mac computer. 
From this user, additional administrator users or other user types can be created. 
An administrator user can convert users between standard and administrator user 
types. This user type should never be configured for automatic login as this could 
result in someone restarting the computer and gaining access to the user with 
administrator privileges. 

* Standard: This type of user can change their own settings, but not those of other 
users. They can also install apps for their own account. This user cannot create 
additional users or change the settings of other user accounts. 

* Managed with Parental Controls: The administrator specifies which apps and 
other content can be accessed by this user type. The websites that can be accessed 
can also be restricted by the administrator. In addition, time limits can be 
implemented for when the user can use the computer. 

* Sharing Only: This type of user is created to give someone permission to access 
your shared files or to share your screen. The user cannot log in to the computer 
and cannot make changes to any settings on the computer. In order to give 
someone sharing permission, configure settings in the Sharing preferences. 


APPLE ID 


When first setting up an Apple Mac, the user will be assigned an Apple ID that is based 
on the sign-in email address. This Apple ID is used for purchases from the App Store, 
accessing iCloud and other functions. A user may already have an Apple ID from 
previous iTunes purchases or an iOS device. 


KEYCHAIN 


The Keychain® in macOS helps you to manage passwords for websites and Wi-Fi 
networks. This feature is also available as iCloud Keychain, which makes the same 
passwords securely available across all macOS and iOS devices. The Keychain makes 
password management much easier, but occasionally problems can happen. If there 
are any problems, they will be identified by the Keychain Access app (in Utilities). 


If warning messages are displayed, it's possible to attempt a repair with Keychain First 
Aid. Launch this from the Keychain Access menu. After entering an administrator 
password, select either Verify or Repair. If the problem persists, try resetting the 
Keychain itself. Select Keychain Access—Preferences. Select Reset My Default 
Keychains to create a new empty keychain. 


If you have forgotten a password, search for the website by typing into the search box. 
From the results, select the password that you want to view or change. Check the box 
for Show password and enter an administrator password to reveal the password for 
that device or service. 


Keychain Access tool. (Screenshot courtesy of Apple.) 


If other people have access to the Mac, it is wise to restrict access to the Keychain. To 
do this, select the Keychain, then under the Edit menu, select Change settings for 
Keychain Name, where Name is the Keychain selected. 


["login" Keychain Settings dialog: Lock after 5 minutes of inactivity; Lock when sleeping; Cancel, Save.]


Securing a Keychain. (Screenshot courtesy of Apple.) 


macOS SOFTWARE MANAGEMENT 


There are two main distribution mechanisms for macOS apps: the App Store and app 
downloads. 


APP STORE 


Much like the store for iOS devices, the App Store provides a central portal for Apple 
and developers to distribute free and paid-for software. It is also used to distribute 
updates to macOS and new releases of the operating system. The icon for the App 
Store is [App Store icon]. 

App Store. (Screenshot courtesy of Apple.) 


DOWNLOAD APPS 

Microsoft Office, Adobe® Creative Cloud®, and Skype® are just three examples of apps 
that are not available in the App Store. To install any of these apps, it is necessary to 
download them from the vendor site, ensuring that you select the macOS version. 
macOS download apps are normally distributed as .DMG (disk image) installer files. 
Follow the on-screen instructions to install the app. The last step will almost certainly 
ask you to copy the file to the Applications folder. 


[Icon: Skype_7.17.377.dmg, 41.5 MB]


Disk Image file. (Screenshot courtesy of Apple.) 
By default, macOS will only allow apps to be installed that have been downloaded from 
the Mac App Store. To allow the installation of download apps, go to System 
Preferences—Security & Privacy. Click the padlock to make changes to the settings— 
you will need to enter the Administrator password to continue. 


Always use the installer package to remove apps that are no longer required. 
Updates for apps that have been downloaded outside of the App Store are usually 
managed within the app itself. For example, Microsoft Office runs a regular 
auto-update to check for new versions and security updates. 


APPLICATION COMPATIBILITY 

If you need to use Mac OS 9 applications on an OS X/macOS system, you can do so in 
the Classic environment. To use the Classic environment, you must have a Mac OS 9 
System Folder installed on your computer, either on the same hard disk as macOS, or 
on another disk or disk partition. 


BOOT CAMP AND WINDOWS 


Boot Camp is a utility supplied with macOS that allows a full Windows installation to 
be made on a Mac. Once installed and Windows set up, the user has a choice of either 
operating system when booting the computer. In summary, the installation process for 
Windows on macOS is as follows: 


1. Ensure that the Apple Mac meets the system requirements for the version of 
Windows that is to be installed. 

2. Obtain an ISO disk image of Microsoft Windows. 

3. Run Boot Camp Assistant from the Applications—Utilities folder. 


Note: More comprehensive information about running Boot Camp Assistant can be 
found at support.apple.com/HT201468. 


4. Follow the on-screen instructions to repartition the hard drive on the Mac. 
5. Format the new Windows partition and install Windows on it. 


To boot into the Windows partition, press and hold the OPTION key as the Mac boots. 
Select the Windows partition from the Startup Manager. 


APP CRASHES AND FORCE QUIT 

When an app is busy or processing a complex request, the spinning wait cursor will 
appear and usually disappear again within a few seconds. Should it remain visible for 
longer, it is possible that the app has gone into an endless loop or entered a state 
where it is not possible to complete its process. 


Note: The spinning wait cursor is also known as the spinning wheel, spinning pinwheel, 
and the spinning beach ball of death! 


If a macOS app stops responding, it should be possible to close it down and restart 
without having to restart the computer. Run Force Quit from the Apple menu (always 
available in the Menu Bar) or press command+option+esc. You will probably need to 
switch into another app or window to be able to do this. 


Select the app that isn't responding—Mail in the example shown in the following figure 
—then click Force Quit to close it down. 

Using Force Quit to stop an app that is not responding. (Screenshot courtesy of Apple.) 


It will prompt for a confirmation that you really want to force the app to quit, then 
show a dialog box enabling you to send a troubleshooting report to Apple. 


Clicking Report will produce diagnostic information and a crash dump. It is always 
useful to report errors as they may point to an undocumented feature in macOS that 
needs to be addressed in a future update. 


TROUBLESHOOTING AN APP 

If an app constantly crashes, take the following steps: 

* Ensure the latest version of the app is installed. 

* If the crash only happens with a specific document or file, try recreating that file 
from scratch in case it is corrupt. 

* Uninstall the app by dragging it to Trash and reinstall from either the App Store or 
the third-party vendor's site. 


macOS DIAGNOSTIC UTILITIES 


macOS has several utilities that are provided as part of a default installation. You can 
find these utility apps in the Other folder in Launchpad, and in the Utilities folder 
under Applications. 


SYSTEM INFORMATION 


The System Information app provides detailed diagnostic information about your 
Mac. 


SCREEN SHARING 


Screen Sharing allows another user to view your macOS desktop and operate the 
computer from another Apple Mac or a computer or device installed with VNC Viewer. 
Configure Screen Sharing via System Preferences—Sharing. Enable screen sharing, 
then choose how users are authorized to connect. You can restrict access to specific 
Mac accounts or groups or a subset of those users as well as allow users to connect by 
requesting permission. VNC users can be configured to access the computer using a 
password. Connect to another macOS computer with screen sharing enabled by 
opening it via the Shared folder in Finder. 


ACTIVITY MONITOR 

Activity Monitor is used to watch CPU, memory, energy, disk, and network usage. Use 
this app if you want to track unusual activity or patterns on the Mac and to try and 
establish if a specific app or process is causing overload of resources. 




Activity Monitor. (Screenshot courtesy of Apple.) 


CONSOLE 


The console records error and log messages and helps you to diagnose problems 
within macOS. 


Use the console to view the log and diagnostic reports. (Screenshot courtesy of Apple.) 


TERMINAL 


The Terminal is the equivalent to the Windows Command Prompt window. Use 
Terminal to run network troubleshooting utilities such as the ping command, or enter 
advanced commands to modify the macOS environment—with care! 


    Last login: Mon Sep 17 09:34:20 on console
    $ ping comptia.org
    PING comptia.org (198.134.5.6): 56 data bytes
    64 bytes from 198.134.5.6: icmp_seq=0 ttl=46 time=133.523 ms
    64 bytes from 198.134.5.6: icmp_seq=1 ttl=46 time=134.533 ms
    64 bytes from 198.134.5.6: icmp_seq=2 ttl=46 time=133.013 ms
    64 bytes from 198.134.5.6: icmp_seq=3 ttl=46 time=134.008 ms
    64 bytes from 198.134.5.6: icmp_seq=4 ttl=46 time=133.283 ms
    ^C
    --- comptia.org ping statistics ---
    5 packets transmitted, 5 packets received, 0.0% packet loss
    round-trip min/avg/max/stddev = 133.013/133.672/134.533/0.541 ms
    $


Terminal. (Screenshot courtesy of Apple.) 
macOS RECOVERY 


macOS includes a set of utilities that you can use to restore a Mac from the Time 
Machine backup program, to reinstall macOS from a system image, or to reformat or 
repair the system disk. 


To access the Recovery menu, as you power up the Apple Mac hold down the 
command+R keys until you see the Apple logo. After selecting your language, it will 
boot into macOS Recovery, enabling you to select from the options shown in the 
following figure. 


macOS Recovery menu. (Screenshot courtesy of Apple.) 


When you reboot an Apple Mac, if the startup drive is not available for any reason and 
it's connected to the Internet, the computer will try to boot from a web-based drive. 


Use a Time Machine snapshot backup if you want to restore the Mac to a specific 
point in time; for example, if you have replaced or reformatted the hard drive. 
Alternatively, if you have created a disk image (.DMG) as a restore point, use the Disk 
Utility option to restore from that file. It's also possible to restore disk images from a 
web link. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Configure and Use macOS. 
Activity 13-3 


Discussing macOS Features and Tools 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Where would you look for the option to view and configure wireless adapter 
status in macOS? 


2. How do you activate Spotlight Search using the keyboard? 


3. Where would you change the default gestures on a Magic Trackpad? 


4. What is the name of Apple's multiple desktop management feature? 


5. What is the equivalent of Explorer in macOS? 


6. What app would you use to install Windows 10 on a Mac? 


7. What is the correct name for the spinning beach ball of death? 
Topic C 


Install and Upgrade Operating Systems 


EXAM OBJECTIVES COVERED 
1002-1.3 Summarize general OS installation considerations and upgrade methods. 


1002-1.4 Given a scenario, use appropriate Microsoft command-line tools. 


Being able to install or upgrade an operating system can be important if you have built 
a custom computer system from scratch, if the system you purchased from a vendor 
did not have the correct system installed, or if you are completely redeploying existing 
hardware from one system to another. 


The skills and information in this topic will help you plan and perform an OS 
installation properly, for whatever your technical and business requirements might be. 


OS INSTALLATION TYPES 


An operating system installation copies the OS system and bundled application files 
from the installation media to a partition on the target computer's fixed disk. OS setup 
scans the computer for hardware devices and loads appropriate drivers. The user may 
be prompted for information about the computer name, network settings, and the 
primary user account. 


OS INSTALLATION OVERVIEW 


The installation of an operating system should be carefully planned. It will consist of 
the following phases: 


1. Select an installation method—attended or unattended, and clean install or 
in-place upgrade, for example. 

2. Check compatibility—that the core components of the computer are sufficient to 
run the OS and that peripheral devices have drivers suitable for use with the OS. If 
upgrading, you also need to check application compatibility and establish the 
upgrade path. 

3. If upgrading, back up any existing user data or settings. 


This is obviously not necessary if installing to a new computer, but is a vital step if 
you are replacing (rather than upgrading) an existing installation. While it takes 
more time, performance and reliability can be improved by performing a clean 
install. 


Note: If you are performing an in-place upgrade, you should also make a full 
system backup before proceeding so that the upgrade can be rolled back should 
anything go wrong. 

4. Choose a boot method to use to load the OS setup files. 

5. Prepare the fixed disk and copy setup files to the target. 

6. Configure installation options. 

7. Verify installation—check logs and complete tests to confirm that installation has 
succeeded. 


ATTENDED AND UNATTENDED INSTALLATIONS 
An installation where the installer inputs the configuration information in response to 
prompts from a setup program is called an attended installation, whereas an 
installation that derives configuration information from a file designed for that 
purpose is called an unattended installation. 


CLEAN INSTALL OR IN-PLACE UPGRADE 


There are two main approaches to performing an attended installation: 


* Clean install—means installing the OS to a new computer or completely replacing 
the OS software on an old one. Any existing user data or settings would be deleted 
during the setup process. 

* In-place upgrade—means installing on top of an existing version of the OS, 
retaining applications, user settings, and data files. 


A clean install is generally seen as more reliable than upgrading. In a corporate 
network environment, installations are completed using images (a template containing 
the OS and required software) so that machines use a consistent set of software and 
configuration options. PC vendors also use images to install new systems for sale. 


Upgrades are generally designed for home users. Upgrade software can be purchased 
at a discount. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Back Up Data and Settings. 


COMPATIBILITY CONSIDERATIONS 


Before you install or upgrade the OS on a computer, you must make sure that the 
computer hardware supports the new OS version. You may also need to check that any 
existing software applications will run under the new version. 


OS COMPATIBILITY/UPGRADE PATH 

If you are considering upgrading, you must check that the current OS version is 
supported as an upgrade path to the intended version. The OS vendor should publish 
supported upgrade paths on their website. For example, the upgrade paths for 
Windows 10 are published here: 
docs.microsoft.com/en-us/windows/deployment/upgrade/windows-10-upgrade-paths 
while the upgrade support documents for macOS are here: 
support.apple.com/macos/high-sierra. 


With Windows, you also have to consider the edition when upgrading. You can usually 
upgrade to the same or higher edition (Windows 7 Home Premium to Windows 10 
Home or Professional or Windows 10 Home to Windows 10 Professional, for instance), 
but you cannot upgrade from a home to an enterprise edition. Downgrading the 
edition is supported in some circumstances (Windows 7 Professional to Windows 10 
Home, for instance) but this only retains documents and other data, not apps and 
settings. Downgrading from an Enterprise edition is not supported. 


Note that you can only upgrade the same type of operating system. You cannot 
"upgrade" from Windows to Linux, for instance. 


HARDWARE COMPATIBILITY AND APPLICATION COMPATIBILITY 


The first step in checking hardware compatibility is to verify that the system exceeds 
the recommended requirements or prerequisites. The minimum requirements will not 
usually deliver adequate performance. 
The second step is to verify that peripheral devices and expansion cards will work 
under the OS. Effectively this means, "Has the manufacturer released a stable driver 
for the OS?" Microsoft maintains a Windows Logo'd Product List (LPL) catalog, 
previously called the Hardware Compatibility List (HCL). This is a catalog of tested 
devices and drivers. If a device has not passed Windows logo testing, you should check 
the device vendor's website to confirm whether there is a driver available. 


If you are performing an in-place upgrade or if you are planning a clean install and 
need to know whether you will be able to reinstall a particular app, you also need to 
check with each application vendor whether the new OS version is supported. In some 
cases, you may need to purchase an application upgrade, too. 


Note: You can sometimes use automated Upgrade Advisor software to check whether 
the existing computer hardware (and software applications) will be compatible with a 
new version of Windows. An Upgrade Advisor might be bundled with the setup program 
or available from the vendor website. 


Unsupported hardware or software can cause problems during an in-place upgrade 
and should be physically uninstalled from the PC. It is also worth obtaining the latest 
drivers for various devices from the vendor's website. The Windows setup media ships 
with default drivers for a number of products, but these are often not up-to-date nor 
are they comprehensive. 


Note: Store the latest drivers for your hardware on a USB drive or network location so 
that you can update hardware efficiently. 


LINUX INSTALLATION AND COMPATIBILITY 


The hardware requirements for installing Linux will depend upon the distribution of 
Linux you choose. Linux is a portable operating system, which means it can run on a 
variety of hardware platforms. There are versions available for many different 
processor types, including Intel x86, Itanium, DEC Alpha, Sun Sparc, Motorola, and 
others. In general, a basic installation of Linux on a workstation might require as little 
as 16 or 32 MB of memory and 250 MB of disk space, but you might need several 
gigabytes of disk space for a complete installation, including all utilities. 


Because Linux is a portable operating system, it is compatible with a wide range of 
hardware. You will need to check with the vendor or provider of your Linux distribution 
to verify if your particular system hardware is supported by that distribution. 


A site that works well for this is linux.com. They have a yearly comparison of the Linux 
distributions and what they feel are the best distributions for various purposes. 

Some web resources you can use to research general Linux hardware support include: 

* The Linux Hardware Compatibility HOWTO website at 
tldp.org/HOWTO/Hardware-HOWTO/index.html. 

* The Linux Questions website's hardware compatibility list at 
linuxquestions.org/hcl. 


* Linux hardware and driver support lists at linux-drivers.org. 


Check your Linux vendor's website and read the technical documentation for the 
distribution of Linux you plan to install or upgrade to in order to determine if your 
existing applications will be supported under the new version. 
Note: To learn more, check the Video tile on the CHOICE Course screen for any videos
that supplement the content for this lesson.


Access the Checklist tile on your CHOICE Course screen for reference information
and job aids on How to Check Compatibility for OS Installation or Upgrade.


INSTALLATION BOOT METHODS 


The installation boot method refers to the way in which the installation program and
settings are loaded onto the PC. You may need to access the computer's firmware
setup program to ensure that a particular boot method is available, enabled, and set to
the highest priority.

Configuring boot devices and priority in a computer's firmware setup program. (Screenshot courtesy 
of Hewlett-Packard, Inc.) 


OPTICAL DISC (CD-ROM/DVD/BLU-RAY) 


Most attended installations and upgrades are run by booting from the setup CD-ROM 
or DVD. This might be listed as Optical Drive in the firmware setup program. You can 
also run a clean install or upgrade from an existing Windows installation. 


An ISO file contains all of the contents from an optical disc in a single file. ISO files 
stored on removable media or a host system are often used to install virtual machine 
operating systems. An ISO file can be mounted to the file system as though it were a 
physical optical drive. 
EXTERNAL DRIVE/FLASH DRIVE (USB/ESATA)


One problem with disc-based installs is that the setup disc quickly becomes out-of-date 
and post-installation tasks for installing drivers, updates, and service packs can take 
longer than the original installation. One way around this is to build slipstreamed 
media, with all the various patches and drivers already applied. The media could be 
CD-ROM, DVD, or USB-attached flash drive or external drive connected by USB or by 
eSATA. The computer firmware must also support USB or eSATA as a boot method. 


Note: Microsoft provides a tool to create installation media from an ISO of the product
setup files (support.microsoft.com/en-us/help/15088/windows-create-installation-media).


NETWORK BOOT (PXE) 


A remote network installation means connecting to a shared folder containing the 
installation files (which could be slipstreamed). The target PC must have a usable 
partition on the hard disk in which to store temporary files. There also needs to be 
some means of booting with networking software. Most computers now come with a 
Preboot eXecution Environment (PXE) compliant firmware and network adapter, 
which supports booting from a network with a suitably configured server. 


Note: macOS supports a similar network boot method to PXE called NetBoot.


INTERNAL FIXED DISK (HDD/SSD)/INTERNAL HARD DRIVE (PARTITION)


Once the OS has been installed, you will usually want to set the internal fixed disk (or 
the boot partition on the internal fixed disk) as the default (highest priority) boot device 
and disable any other boot devices. This ensures the system doesn't try to boot to the 
setup media again. If access to the firmware setup program is secured, it also prevents 
someone from trying to install a new OS without authorization. 


An OS can be installed to a Hard Disk Drive (HDD) or Solid State Drive (SSD). Note that 
in the firmware setup program, the HDD will probably be on a SATA port while an SSD 
might be on a SATA, M.2, or PCIe port.


There may be some circumstances where you have to copy the installation media to 
the computer's fixed disk. To do this, you would remove the disk from the target PC 
and attach it to another machine. Use the other machine to partition the disk as 
appropriate and copy the setup files to it. Use the diskpart tool to set the partition as 
active. Use the bootsect tool to copy code to make the partition bootable. Finally, 
reinstall the disk to the target computer and boot to the partition containing your 
setup files. 


SECURE BOOT 


Motherboards now use a type of system firmware called Unified Extensible 
Firmware Interface (UEFI). In UEFI, there is an option called secure boot, which 
restricts OS installation to trusted software. This will prevent installation of Windows 7 
and some distributions of Linux if enabled because the setup files for these operating 
systems are not digitally signed in a way that the firmware is able to trust. 


Configuring the Secure Boot option in the system firmware setup program. (Screenshot courtesy of 
Hewlett-Packard, Inc.) 


Also, a 32-bit edition of Windows needs to be installed in legacy BIOS mode. You can 
also choose to install using legacy BIOS mode if you do not want to use EFI boot for 
some reason. 
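An added example, not part of the course text: on a Linux system you can confirm whether the machine booted in UEFI or legacy BIOS mode, and whether Secure Boot is enforced, by reading the firmware variables the kernel exposes under /sys/firmware/efi/efivars. The function names and the sample tree used to exercise them are constructed for illustration.

```python
"""Report firmware boot mode and Secure Boot state on Linux via efivarfs."""
import struct
from pathlib import Path

# GUID of the UEFI global variable namespace that holds SecureBoot and SetupMode.
EFI_GLOBAL_GUID = "8be4df61-93ca-11d2-aa0d-00e098032b8c"
DEFAULT_EFI_DIR = Path("/sys/firmware/efi")  # absent when booted in legacy BIOS mode


def parse_efivar(raw):
    """Split an efivarfs file into (attributes, data).

    efivarfs stores a 4-byte little-endian attribute mask before the value.
    """
    if len(raw) < 4:
        raise ValueError("efivarfs entry is shorter than its attribute header")
    (attributes,) = struct.unpack_from("<I", raw)
    return attributes, raw[4:]


def read_flag(efivars_dir, name):
    """Return True/False for a one-byte UEFI variable, or None if unavailable."""
    path = Path(efivars_dir) / f"{name}-{EFI_GLOBAL_GUID}"
    try:
        _, data = parse_efivar(path.read_bytes())
    except (OSError, ValueError):
        return None
    if len(data) != 1:
        return None
    return data[0] == 1


def boot_security_state(efi_dir=DEFAULT_EFI_DIR):
    """Classify the boot environment as one of five states."""
    efi_dir = Path(efi_dir)
    if not efi_dir.is_dir():
        return "legacy-bios"            # no EFI runtime services exposed
    efivars = efi_dir / "efivars"
    secure_boot = read_flag(efivars, "SecureBoot")
    setup_mode = read_flag(efivars, "SetupMode")
    if secure_boot is None:
        return "uefi-unknown"           # UEFI boot, but the variable is unreadable
    if setup_mode:
        return "uefi-setup-mode"        # no platform key enrolled, nothing is enforced
    return "uefi-secure-boot-on" if secure_boot else "uefi-secure-boot-off"


def write_sample_efi_tree(root, secure_boot, setup_mode):
    """Build a constructed efivars tree for offline testing (not real firmware data)."""
    efivars = Path(root) / "efivars"
    efivars.mkdir(parents=True)
    header = struct.pack("<I", 0x6)  # BOOTSERVICE_ACCESS | RUNTIME_ACCESS
    for name, value in (("SecureBoot", secure_boot), ("SetupMode", setup_mode)):
        (efivars / f"{name}-{EFI_GLOBAL_GUID}").write_bytes(header + bytes([value]))
    return Path(root)


if __name__ == "__main__":
    print(boot_security_state())
```

Running it before an installation tells you whether unsigned setup media will be refused by the firmware or whether the machine is in legacy mode, where Secure Boot does not apply.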


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information
and job aids on How to Select an Installation Boot Method.


DISK FORMATTING AND PARTITIONING 


The operating system must be installed to a partition that is of a suitable size and 
formatted with an appropriate file system. In Windows, the boot partition and system 
partition cannot be changed (except by using third-party tools), so it is important to 
plan the disk partition scheme in accordance with the way the computer will be used: 


* Will the computer have multiple operating systems installed (multiboot)? If so, it is
best practice to create a partition for each OS. 

* Does the boot partition have spare capacity for growth? Running out of space will 
cause serious problems, so leave plenty of overhead. 
Windows must be installed to a boot partition formatted with NTFS. 


* Is some sort of hardware RAID being used? If so, the RAID utility must be used to 
configure the RAID level and create volumes before the OS can be installed. A RAID 
configuration utility is invoked by pressing a key combo such as Ctrl+F during
startup (when the RAID firmware BIOS is processed). 

* Is an SSD or hybrid SSD being used? The SSD should be used for the boot partition 
as this will improve performance. 


Note: Remember that in Microsoft's terminology, the system partition is where the boot 
files are and the boot partition is where the operating system is installed. 


MULTIBOOT 


If a user needs multiple operating systems, they can be set up on the same computer 
in a multiboot environment. Most operating systems can be run in this way, with the 
following caveats: 


* Each OS should be installed to a separate boot partition. 


* The system partition must be accessible to each OS. This means that, typically, it
must be formatted using FAT or FAT32.

* New operating systems should not overwrite the boot manager. The general 
principle is to install the older operating system first, as an older OS is less likely to 
recognize a multiboot environment. Alternatively, the boot manager may need to 
be reconfigured manually following installation of an OS. 


Multiboot is seldom used anymore as virtualization represents a simpler way of 
achieving the same aim, with the major advantage that the different operating systems 
can be used concurrently. 


DISK FORMATTING 


The easiest way to ensure a properly formatted boot drive with the correct partitions 
and format is to install to a blank hard disk. If you are using a disk with existing data 
that you do not want to keep, you can choose to delete existing partitions using the 
disk setup tool. 



Partition layout for a GPT-style disk and Windows 10. (Screenshot used with permission from 
Microsoft.) 
The previous figure shows the typical partition layout for an OEM-formatted PC with
UEFI-type firmware: 


* Disk 0 is a Solid State Drive (SSD) hosting the boot and system partitions. There are 
also two OEM partitions used for OS recovery and vendor diagnostic tools. The boot 
partition has been assigned drive letter C: and the other partitions have no drive 
letter. 

* Disk 1 is a second fixed disk. More accurately, it is a RAID volume comprising two 
mirrored HDDs, but because this is hardware RAID, it appears as a single disk to the 
OS.

* Disk 2 is a flash memory card reader and you can also see the optical disc drive. 

* All the partitions except the EFI system partition are formatted using NTFS. The 
Extensible Firmware Interface (EFI) system partition uses a type of FAT but isn't 
listed as such in the drive management tool. 


By contrast, the following screenshot shows the partitions created by the CentOS Linux 
setup tool if automatic partitioning is selected. 




CentOS Linux default partitions. 


The fixed disk is divided into three partitions: an EFI system partition, one for the Linux 
boot loader, and a Logical Volume Manager (LVM) partition. The LVM software is used 
to divide this last partition into three volumes (block devices)—one for the OS system 
files (root), one for a swap partition, and one for user data (home). 


OS SETUP DISK FORMATTING TOOLS 


While you can inspect and configure disks, partitions, and file systems using the Disk 
Management console once Windows is installed, a different tool is used from the Setup 
program to prepare the disk. 
Windows disk setup options. (Screenshot used with permission from Microsoft.)


If you are performing a clean install but the target disk already has a partition 
structure, you can use the setup tool to delete the existing partitions. You can use the 
New button to create a custom partition structure or just select a disk with enough 
unallocated space and allow setup to create the required partitions automatically. 


LOADING DISK DRIVERS 


In order to manage the hard disk, the setup program must have an appropriate driver 
for it. Most of the time the setup media will include a suitable driver. If you are 
installing to a RAID volume or to a computer with legacy firmware, it is possible that 
the disk or volume may not be recognized. If this is the case, you will have to load the 
disk or RAID vendor's driver via the Load Driver option on the Where do you want to 
install Windows dialog box in setup. 


LOCALE SETTINGS AND SOFTWARE SELECTION 


When you perform an attended installation, you need to manually configure setup at 
various points in the process. Windows setup is much better streamlined than in the 
past, with all the configuration options at the beginning and end of the process. 


Note: You are focusing on the Windows setup program here, but other operating systems 
present similar choices. 


The first step in a Windows attended installation is to choose the language, regional 
format settings, time zone, and keyboard type. You should also check that the date and 
time are displayed correctly. 
Configuring the time zone during Windows 7 setup. (Screenshot used with permission from Microsoft.)


Having done that, you can initialize setup by entering the product key, accepting the 
End User License Agreement (EULA), choosing the install type—upgrade or custom 
(clean install)—and partitioning and formatting the disk. Setup then proceeds without 
requiring any intervention. During this time, setup copies the OS files to the system 
folder, detects hardware devices, and loads appropriate drivers. Once this process is 
complete, the PC will restart. 


SOFTWARE SELECTIONS 

In Windows setup, there is no opportunity to install additional software as such, 
though you can choose options such as linking the installation to a Microsoft user 
account and syncing files to OneDrive. When you install Linux, however, there is 
typically a setup option prompting you to select the type of installation and choose 
specific software packages to use. 

Selecting a computer environment/role and software add-ons during CentOS setup. 


NETWORKING CONSIDERATIONS 


There are some network-related things you will want to consider during installation. 


WINDOWS UPDATE 

If the setup program detects that a network connection is present, it may present an 
option to use Windows Update to download the latest installation files from the 
Internet. If no Internet connection is available or you want to skip this step, you can 
use Windows Update after setup is complete. 


Note: In Windows 7, you could disable Windows Update automatic updating during 
setup if desired. This option is not available when installing Windows 10. 


WORKGROUP VS. DOMAIN SETUP 


A workgroup is a Microsoft peer-to-peer network model in which computers are 
grouped together with access to shared resources for organizational purposes. A 
domain is a Microsoft client/server network model that groups computers together for 
security and to centralize administration. Computers that are members of a domain 
have access to a shared central user account database, which means that an individual 
can use a single user account to log on at any computer within the domain. 


Windows does not support joining a domain during an attended installation. The 
computer can be joined by reconfiguring System properties in Control Panel, via the 
Settings interface, or can be joined during an unattended installation by using an 
answer file or script. 


There is no option to change the default workgroup name (WORKGROUP) either. In 
Windows networking, the workgroup name is now entirely cosmetic. 
In Windows 7, you are prompted to configure the computer's host name and choose a
user name and password for the local administrator account. In Windows 8/10, you 
can choose to use a Microsoft account rather than creating a local account. 


If the computer is not connected to the Internet, you will just be prompted to create a 
local account. You can convert a local account to a Microsoft account (or vice versa) 
using Windows Settings. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information
and job aids on How to Select a Network Type During Windows Installation.


POST-INSTALLATION TASKS 


Windows should detect all supported hardware and load the appropriate drivers 
during setup. When you have gotten to the final configuration screens, it is a good sign 
that the installation has succeeded. You might want to check the log files, check Device 
Manager to confirm all hardware has been recognized, and test each hardware device 
to verify functionality. You can use Programs and Features (in Control Panel) or the 
Microsoft Store to install any optional Windows components or third-party software 
applications. 


Update the system documentation with details of the installation. Keeping up-to-date 
documentation is important for system maintenance and troubleshooting. 


MICROSOFT PRODUCT ACTIVATION 


Microsoft Product Activation or Volume Activation for Windows operating system 
is an antipiracy technology that verifies that software products are legitimately 
purchased. Product activation reduces a form of piracy known as casual copying. For 
example, you must activate the Windows operating systems within a given number of 
days after installation. After the grace period, users cannot access the system until they 
activate Windows. Volume Activation automates the activation process. 


For individual installations of Windows, you can activate the installation over the 
Internet. If you do not have an Internet connection, you can activate over the phone, 
although this takes a little longer. If you wish, you can postpone product activation and 
activate later in the activation grace period. 


In large organizations, you can use a Volume License Product Key, which eliminates the 
need to individually activate each installation of Windows. You can also activate 
Windows as part of an automated installation. 


REPAIR INSTALLATIONS 


If a Windows computer will not boot or if you are troubleshooting a problem such as
slow performance and cannot find a single cause, it may be necessary to perform 
some sort of "repair installation." There are several means of accomplishing this. 


Note: A repair install will only work if you are replacing the same version of the operating 
system; you cannot upgrade in this manner. 
FACTORY RECOVERY PARTITION


A recovery disc or factory recovery partition (also called a Rescue Disk) is a tool
used by OEMs to restore the OS environment to the same state in which it was
shipped. The disc or recovery partition is used to boot the system, then a simple
wizard-driven process replaces the damaged installation with an image stored on a
separate partition on the hard disk. The recovery process can be started by pressing a
key during startup (F11 or Ctrl+F11 are often used; a message is usually shown
on-screen).


OEM media will not usually recover user data or settings or applications installed— 
everything gets set back to the state in which the PC was shipped from the factory. 
User data should be recovered from backup, which obviously has to be made before 
the computer becomes unbootable. 


You could also create recovery media manually or using backup software or drive 
imaging. In this scenario, you can create images that reflect all the software and service 
packs that a typical machine should include. Most backup suites have a simple
wizard-driven routine for creating recovery media.


The advantages of using a recovery partition are that less time is required to re-build 
the machine and from a technical support point-of-view, recovery is much easier for 
end-users than re-installing Windows. 


The main disadvantages with OEM recovery media are that the tool only works if the 
original hard disk is still installed in the machine and will not include patches or service 
packs applied between the ship date and recovery date. The recovery image also takes 
up quite a lot of space and users may not feel that they are getting the hard disk 
capacity that they have paid for! 


Note: A recovery partition is not usually allocated a drive letter so will not be obvious to
the user. You can make the partition visible to Explorer through the Disk Management
program.


REFRESH/RESTORE INSTALLATION 


An in-place upgrade repair install is a "last gasp" method of restoring a Windows 7 
installation that will not boot. The install process is run over the top of an existing 
installation. This can preserve some settings, application software installation, and data 
files while restoring system files. In Windows 8 and Windows 10, there are officially 
supported refresh and reset options to try to repair the installation. Using refresh 
(called Just remove my files in Windows 10) recopies the system files and reverts 
most system settings to the default, but can preserve user personalization settings, 
data files, and apps installed via Windows Store. Desktop applications are removed. 


Lesson 13: Installing, Configuring, and Maintaining Operating Systems | Topic C 


The Official CompTIA® A+® Core 1 and Core 2 Student Guide (Exams 220-1001 and 220-1002) | 817



Performing a repair installation of Windows 8. (Screenshot used with permission from Microsoft.) 


Using the Reset option (called Fully clean the drive) deletes the existing OS plus apps, 
settings, and data ready for the OS to be reinstalled. 


UNATTENDED INSTALLATIONS 


Performing an attended installation is time-consuming. Although the setup process 
has been streamlined since the early versions of Windows, an attended installation still 
requires the installer to monitor the setup program and input information. When it 
comes to deploying large numbers of installations (whether at the same time or over a 
period of months), there are several options for completing fully or partially 
unattended installations. As with ordinary installs, these can be completed using a 
variety of media but most would be based on the remote network installation boot 
method (PXE). 


IMAGE DEPLOYMENT 

Any installation involving more than a few PCs makes using imaging technology 
worthwhile. An image is a clone of an existing installation stored in one file. The image 
can contain the base OS and configuration settings, service packs and updates, 
applications software, and whatever else is required. An image can be stored on DVD 
or USB media or can be accessed over a network. 


Windows supports the use of answer files, allowing for fully or partially unattended 
installations. An answer file is an eXtensible Markup Language (XML) text file that 
contains all of the instructions that the Windows Setup program will need to install 
and configure the OS without any administrator intervention. 


Using unattended installation allows for multiple installations to occur simultaneously, 
can prevent errors during installation, and creates more consistency between 
installations in a large-scale rollout, all while lowering overhead costs and decreasing 
installation time and effort. 


WINDOWS SYSTEM IMAGE MANAGER 

The Windows System Image Manager is used to configure answer files. An answer 
file contains the information input during setup, such as product key, disk partitions, 
computer name, language and network settings (including whether to join a domain or 
workgroup), and so on. This file is accessed automatically during setup, meaning that 
an installer does not have to be present. The System Image Manager is packaged 
with the Windows Assessment and Deployment Kit (ADK), formerly the Windows 
Automated Installation Kit (WAIK), available from Microsoft's website. 
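Because an answer file holds everything an installer would otherwise type, including account passwords and domain-join credentials, it needs the same protection as any other stored secret. The following added example (not from the course material) audits an answer file for stored passwords without printing them. The sample file and all names and values in it are constructed; the element layout follows the Microsoft-Windows-Shell-Setup and Microsoft-Windows-UnattendedJoin components of the unattend schema.

```python
"""Audit a Windows answer file (unattend.xml) for credentials stored in it."""
import xml.etree.ElementTree as ET

NS = {"u": "urn:schemas-microsoft-com:unattend"}

# Constructed sample answer file: every name and value below is made up.
SAMPLE_ANSWER_FILE = """\
<unattend xmlns="urn:schemas-microsoft-com:unattend"
          xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State">
  <settings pass="specialize">
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64">
      <ComputerName>LAB-PC01</ComputerName>
    </component>
    <component name="Microsoft-Windows-UnattendedJoin" processorArchitecture="amd64">
      <Identification>
        <Credentials>
          <Domain>example.test</Domain>
          <Username>joiner</Username>
          <Password>ExampleJoinSecret1</Password>
        </Credentials>
        <JoinDomain>example.test</JoinDomain>
      </Identification>
    </component>
  </settings>
  <settings pass="oobeSystem">
    <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64">
      <UserAccounts>
        <AdministratorPassword>
          <Value>RXhhbXBsZQ==</Value>
          <PlainText>false</PlainText>
        </AdministratorPassword>
        <LocalAccounts>
          <LocalAccount wcm:action="add">
            <Name>ExampleUser</Name>
            <Group>Users</Group>
            <Password>
              <Value>ExamplePassw0rd</Value>
              <PlainText>true</PlainText>
            </Password>
          </LocalAccount>
        </LocalAccounts>
      </UserAccounts>
    </component>
  </settings>
</unattend>
"""


def local_name(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def classify(password_elem):
    """Describe how a password element is stored, without returning its value."""
    value = password_elem.findtext("u:Value", namespaces=NS)
    if value is None:
        # Simple string form, as used for domain-join credentials.
        return "plaintext" if (password_elem.text or "").strip() else "empty"
    # Assumption: a missing PlainText element is treated as plain text.
    plain = password_elem.findtext("u:PlainText", default="true", namespaces=NS)
    # PlainText=false means the value is only encoded (obfuscated), not encrypted.
    return "plaintext" if plain.strip().lower() == "true" else "obfuscated"


def walk(elem, path, findings):
    """Depth-first search for any element whose name ends in 'Password'."""
    for child in elem:
        name = local_name(child.tag)
        label = child.findtext("u:Name", default="", namespaces=NS)
        child_path = f"{path}/{name}" + (f"[{label}]" if label else "")
        if name.endswith("Password"):
            findings.append((child_path, classify(child)))
        else:
            walk(child, child_path, findings)


def audit_answer_file(xml_text):
    """Return (setting path, storage form) for every password in the answer file."""
    root = ET.fromstring(xml_text)
    findings = []
    for settings in root.findall("u:settings", NS):
        for component in settings.findall("u:component", NS):
            walk(component, f'{settings.get("pass")}/{component.get("name")}', findings)
    return findings


if __name__ == "__main__":
    for setting, form in audit_answer_file(SAMPLE_ANSWER_FILE):
        print(f"{form:<10} {setting}")
```

Any finding, whether plain text or obfuscated, means the file and every share or image that contains a copy of it should be access-controlled, and the credentials should be ones that can be rotated after deployment.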

Windows System Image Manager. (Screenshot used with permission from Microsoft.) 


DRIVE CLONING AND SYSPREP 


If Windows is to be deployed to multiple machines with similar hardware 
specifications, the most common method of deployment is to use disk imaging 
software to clone an installation from one PC (the reference machine) to the rest. This 
has the advantage that a full system can be built, including applications, service packs 
and patches, and default user settings. 


Note: You need different images for 32- and 64-bit platforms. 


Microsoft's Deployment Image Servicing and Management tool (dism, part of the 
ADK) is used to duplicate the disk contents. Dism reads the contents of a drive and 
writes the output to a .WIM (Windows Image File) format file. 


However, duplicating an existing installation exactly can cause problems, as it repeats 
the Security ID (SID; a unique identifier for each machine) and assumes that the 
machines have exactly the same hardware configuration, which may not be the case. 


Microsoft's System Preparation Tool (Sysprep) utility should be run before imaging 
the disk to side-step these problems. You can run the tool from
%SystemRoot%\System32\Sysprep\sysprep.exe.

Resealing your computer using sysprep. (Screenshot used with permission from Microsoft.) 


Note: The Sysprep utility has gone through several updates with different Windows 
versions and service packs. 


WINDOWS DEPLOYMENT SERVICES 


A basic network installation can be set up by putting the installation files in a network 
share, booting the machine to the network, then accessing the installation program 
from the share. 


Windows Deployment Services is a Windows Server component used to implement 
network installs more effectively for .WIM images and answer files. 


To support network deployments, clients must have a PXE compatible firmware and 
network adapter. 
Activity 13-4


Discussing OS Installation 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. When should you use FAT32 for the system partition? 


2. If you want to use PXE as an installation method, what type of compatible
component would you require? 


3. What is the advantage of using a USB thumb drive to install Windows? 


4. What is a recovery partition? 


5. What should you configure in order to perform an unattended installation? 


6. What is meant by disk imaging? 


7. How would you configure a PC to join a domain during installation of 
Windows 7? 
Activity 13-5


Deploying a Windows Image 


BEFORE YOU BEGIN 
Complete this activity using Hyper-V Manager and the PC1 (Windows 10) VM. 


You normally create answer files by using the Windows System Image Manager. As that 
process is quite complex, there is an answer file supplied for use in this activity. 


SCENARIO 


When you want to deploy Windows to multiple workstations, you will usually image a
reference system containing all the system updates, applications, and Windows
features that you want to use on each workstation. Before you can use the reference
system as an image, however, you need to run the sysprep utility so that Windows
generates a new unique system ID when installed to a new workstation. In this activity,
you will practice performing a Windows unattended installation by using an image and
answer file.


1. On the PC1 VM, examine the contents of the answer file in C:\LABFILES\unattend.xml. 




This answer file was created by using Windows System Image Manager. (Screenshot used with 
permission from Microsoft.) 




a) Start PC1, and sign on to the Admin account with the Pa$$w0rd credential. 
b) Open File Explorer and browse to C:\LABFILES. 
c) Right-click the Unattend file, and select Edit with Notepad++. 
d) Identify some of the features of this answer file. 


    <unattend xmlns="urn:schemas-microsoft-com:unattend">
        <settings pass="oobeSystem">
            <component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyTo…
                <InputLocale>en-us</InputLocale>
                <SystemLocale>en-us</SystemLocale>
                <UILanguage>en-us</UILanguage>
                <UILanguageFallback>en-us</UILanguageFallback>
                <UserLocale>en-us</UserLocale>
            </component>
            <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31…
                <UserAccounts>
                    <AdministratorPassword>
                        <Value>UABhACQAJAB3ADAAcgBkAEEAZABtAGkAbgBpAHMAdAByAGEAdABvAHIAUABhAHMAcwB3AG8AcgBkA…
                        <PlainText>false</PlainText>
                    </AdministratorPassword>
                    <LocalAccounts>
                        <LocalAccount wcm:action="add">
                            <Password>
                                <Value>UABhACQAJAB3ADAAcgBkAFAAYQBzAHMAdwBvAHIAZAA=</Value>
                                <PlainText>false</PlainText>
                            </Password>
                            <Description>Default administrator account</Description>
                            <DisplayName>Sam</DisplayName>
                            <Group>Administrators</Group>
                            <Name>Sam Sales</Name>
                        </LocalAccount>
                    </LocalAccounts>
                </UserAccounts>
                <OOBE>
                    <HideEULAPage>true</HideEULAPage>
                    <HideLocalAccountScreen>true</HideLocalAccountScreen>
                    <HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
                    <HideOnlineAccountScreens>true</HideOnlineAccountScreens>
                    <HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
                    <ProtectYourPC>1</ProtectYourPC>
                </OOBE>
            </component>


* The answer file configures only a single setup "pass," called OOBE (Out-of-Box 
Experience). It is possible to configure settings for every part of setup, including 
disk partitioning and formatting, but you do not need to do this for your reference 
system. 

* The first "component" in the answer file sets the values for system and input 
locale. 

* There is a section that creates a new user account named Sam. The password for 
the account is hashed (the plain text value is Pa$$w0rd). The account is added to 
the Administrators security group. 

* The final section skips the configuration screens so that no user input is required. 

e) Close Notepad++. 


2. Check the current machine SID, and then run sysprep. You can use one of the 
utilities in the Sysinternals suite of Windows tools to return the machine's SID. 

a) Open a command prompt and run the following command: 

c:\labfiles\sysinternals\psgetsid -accepteula 

This returns the SID of the local machine (host name PC1). 

b) Write down the SID: 

c) Run the following command (ignore any line breaks that may be present in printing 
and issue this as a single command): 

c:\Windows\System32\Sysprep\Sysprep.exe /generalize /oobe /reboot /unattend:c:\labfiles\unattend.xml 

Sysprep will spend some minutes reconfiguring the system. The VM will reboot 
several times. 

Note: When you select reboot mode, you are applying the setup changes back 
to the same disk. Normally, you would shut down the VM and then duplicate 
the disk image to another VM. Sysprep would then run mini setup when that 
new VM was first booted. 


d) When setup is complete, select the Sam user account, and sign in with the password 
Pa$$w0rd. 

e) When the profile has been set up and the desktop loads, open a command prompt 
and run psgetsid again to verify that the SID and computer name have changed. 


3. At the end of each activity, you need to close the VM. You will always discard any 
changes you made. 

a) From the connection window, select Action—Revert. 
b) If you are prompted to confirm, select the Revert button. 
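
An added example (not part of the course material): a Python audit that finds every password element in an answer file like the one examined in this activity and reports how it is stored, without printing the password. When PlainText is false, Windows SIM writes the Value as Base64 of the UTF-16LE password with the element name appended, an encoding that anyone who can read the file can reverse. The sample XML, the Kiosk account, and all function names are constructed for illustration.

```python
import base64
import binascii
import xml.etree.ElementTree as ET
from typing import NamedTuple

NS = {"u": "urn:schemas-microsoft-com:unattend"}


class Finding(NamedTuple):
    element: str      # AdministratorPassword or Password
    account: str      # account the credential belongs to
    storage: str      # plaintext | base64-reversible | opaque | empty
    privileged: bool  # True for administrator-level accounts


def sim_encode(password, element):
    """Build a Value the way Windows SIM does when PlainText is false
    (used here only to construct the sample)."""
    return base64.b64encode((password + element).encode("utf-16-le")).decode("ascii")


def classify(value, plain_text, element):
    """Decide how a Value is stored; the decoded password is discarded."""
    value = value.strip()
    if not value:
        return "empty"
    if plain_text:
        return "plaintext"
    try:
        decoded = base64.b64decode(value, validate=True).decode("utf-16-le")
    except (binascii.Error, UnicodeDecodeError):
        return "opaque"
    # SIM appends the element name, so a matching suffix proves reversibility.
    return "base64-reversible" if decoded.endswith(element) else "opaque"


def local_name(tag):
    """Strip the {namespace} prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def audit(xml_text):
    """Return one Finding per element that carries Value and PlainText children."""
    root = ET.fromstring(xml_text)
    parent_of = {child: parent for parent in root.iter() for child in parent}
    findings = []
    for elem in root.iter():
        value = elem.find("u:Value", NS)
        plain = elem.find("u:PlainText", NS)
        if value is None or plain is None:
            continue  # not a password-style element
        element = local_name(elem.tag)
        owner = parent_of.get(elem)
        if owner is not None and local_name(owner.tag) == "LocalAccount":
            account = owner.findtext("u:Name", default="?", namespaces=NS)
            group = owner.findtext("u:Group", default="", namespaces=NS)
            privileged = "administrators" in group.lower()
        else:
            privileged = element == "AdministratorPassword"
            account = "Administrator" if privileged else element
        is_plain = (plain.text or "").strip().lower() == "true"
        storage = classify(value.text or "", is_plain, element)
        findings.append(Finding(element, account, storage, privileged))
    return findings


# Constructed sample modelled on the activity's answer file; "Kiosk" is invented.
SAMPLE = f"""<unattend xmlns="urn:schemas-microsoft-com:unattend">
  <settings pass="oobeSystem">
    <component name="Microsoft-Windows-Shell-Setup">
      <UserAccounts>
        <AdministratorPassword>
          <Value>{sim_encode('Pa$$w0rd', 'AdministratorPassword')}</Value>
          <PlainText>false</PlainText>
        </AdministratorPassword>
        <LocalAccounts>
          <LocalAccount>
            <Password>
              <Value>{sim_encode('Pa$$w0rd', 'Password')}</Value>
              <PlainText>false</PlainText>
            </Password>
            <Group>Administrators</Group><Name>Sam Sales</Name>
          </LocalAccount>
          <LocalAccount>
            <Password><Value>Pa$$w0rd</Value><PlainText>true</PlainText></Password>
            <Group>Users</Group><Name>Kiosk</Name>
          </LocalAccount>
        </LocalAccounts>
      </UserAccounts>
    </component>
  </settings>
</unattend>"""

if __name__ == "__main__":
    for f in audit(SAMPLE):
        role = "admin" if f.privileged else "user"
        print(f"{f.account} ({role}): {f.element} stored as {f.storage}")
```

Any finding other than "opaque" means the credential can be read from the file, so remove answer files from deployed machines and shares and change the passwords they set.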
Topic D 


Maintain OSs 


EXAM OBJECTIVES COVERED 
1002-1.4 Given a scenario, use appropriate Microsoft command-line tools. 
1002-1.5 Given a scenario, use Microsoft operating system features and tools. 
1002-1.9 Given a scenario, use features and tools of the Mac OS and Linux client/desktop 
operating systems. 


Once you have installed the OS, you need to maintain it on an ongoing basis and set up 
some basic preventive maintenance procedures to keep the computer working well. 
Maintaining an OS might not seem as exciting or interesting as performing a new 
installation or replacing a hard disk, but it is actually one of the most crucial tasks for a 
support technician. System maintenance is important for two reasons: first, proper 
maintenance can prevent system problems from arising. Second, proper maintenance 
of the system, including the creation of appropriate backups, can make recovery or 
troubleshooting operations much easier. As a CompTIA A+ technician, you can use the 
skills and information in this lesson to perform preventive maintenance as part of your 
ongoing job tasks. 


DISK MAINTENANCE 


Of all the computer's subsystems, disk drives and the file system probably require the 
most attention to keep in optimum working order. They are subject to three main 
problems: 


* Fragmentation—ideally, each file would be saved in contiguous clusters on the 
disk. In practice, over time as files grow, they become fragmented (written to 
non-contiguous clusters), reducing read performance. 

* Capacity—typically, much more file creation occurs on a computer than file 
deletion. This means that capacity can reduce over time, often quite quickly. If the 
system disk has less than 20% free space, performance can be impaired. When 
space drops below 200 MB, a Low Disk Space warning is generated. 

* Damage—hard disk operations are physically intensive and the platters of the disk 
are easy to damage, especially if there is a power cut. If the disk does not recognize 
that a sector is damaged, files can become corrupted. 


These problems can be addressed by the systematic use of disk performance tools. 
These tools should be run regularly—at least every month and before installing 
software applications. 


In Windows, you can access tools to maintain and optimize a drive through the drive's 
properties dialog box (right-click the drive icon and select Properties). 


WINDOWS DISK MAINTENANCE TOOLS 


There are several tools that you will find helpful when it comes to performing disk 
maintenance in Windows. 


CHECK DISK 
The Check Disk (chkdsk) Windows utility checks the integrity of disks and can repair 
any problems detected. Scheduling a check disk to run regularly will keep errors from 
accumulating on the hard disk. It is recommended that you run the Check Disk utility 
weekly. 




The Check Disk utility in Windows 7. (Screenshot used with permission from Microsoft.) 


There are three ways to run the tool: 


* No option selected—runs in Read-Only mode. 

* Automatically fix file system errors—file system errors are caused by crashes, 
power loss, and the like. At a command line, use chkdsk volume: /f, where 
volume is the drive letter. 

* Scan for and attempt recovery of bad sectors—bad sectors are damage to the 
actual drive. If a drive has many bad sectors, it is probably nearing the end of its 
useful life. You are prompted to save any recoverable data, which is copied to the 
root directory as filennnn.chk files. At a command line, use chkdsk 
volume: /r, where volume is the drive letter. 


Note: Note that /r implies /f so you do not need to use both switches. 


Check Disk cannot fix open files, so you may be prompted to schedule the scan for the 
next system restart. A version of Check Disk (autochk) will also run automatically if the 
system detects file system errors. The other main parameters and switches for the 
command-line version are as follows: 


Switch    Use 
path      Specify a path (and optionally file name) to check. 
/x        Force the volume to dismount. This will cause file errors for users with 
          files open on the volume. If the volume is in use and you use the /f 
          or /r switches without /x, you are prompted to schedule chkdsk for 
          the next system restart. 
/i /c     On NTFS volumes only, skips parts of the checking process. 


Note: chkdsk can take a long time to scan and fix errors on a large disk. You cannot 
cancel once started. Run a Read-Only scan first. 


DISK DEFRAGMENTER 


In Windows, the Disk Defragmenter reorganizes a drive to store information relating 
to each file in contiguous sectors of the disk. This improves performance by reducing 
the time required to load a file. The Disk Defragmenter can also move data to the 
start of the disk, leaving a single free area of disk for use by new files. 




Optimize Drives (Defragmenter) in Windows 10. (Screenshot used with permission from Microsoft.) 


In Windows 8/10, the GUI tool is named Optimize Drives. It performs additional disk 
and file system improvements compared to the basic utility. 


You can defragment local and external hard disks. You cannot defragment an optical 
disc or a network drive. 


Note: With flash drives and SSDs, while seek time is not a performance factor, the file 
system does still benefit from defragmentation. You can read more about the technical 
considerations in optimizing SSDs at 
hanselman.com/blog/TheRealAndCompleteStoryDoesWindowsDefragmentYourSSD.aspx. 


Although it is possible to run this utility in the background while you work, it will slow 
your machine and prevent defragmentation of open files. It is usually better to run 
defragmenter when your computer is not being used. 


Note: The Defragmenter requires above 15% of free disk space to work effectively. If 
insufficient free disk space is available, some files may not be defragmented. 


Windows automatically schedules Defragmenter to run using Task Scheduler. 


Note: Windows Task Scheduler is discussed in greater detail later in this topic. 




LINUX AND macOS DISK MAINTENANCE TOOLS 


The file systems used by Linux and macOS (ext and HFS Plus/APFS) are less prone to 
fragmentation than NTFS. Regular use of disk maintenance utilities is still considered 
best practice, however. 


LINUX DISK MANAGEMENT TOOLS 

Linux file systems do not ordinarily require defragmenting. Linux leaves gaps between 
each file, allowing the files to grow or shrink within their own "space," avoiding the 
worst effects of fragmentation. Performance will suffer if the disk is more than 80% 
full, however. You can use the following tools to check the health of the disk and file 
system: 


* df and du—check free space and report usage by directories and files. 
* fsck—check a partition for errors. Note that the partition should be unmounted 
before running this tool. 


Note: Most systems automatically run the fsck command at boot time so that errors, 
if any, are detected and corrected before the system is used. 


macOS DISK UTILITY 

In macOS, the Disk Utility app can be used to verify or repair a disk or file system. It 
can also be used to erase a disk with security options in case you are selling or passing 
on a Mac. 




Disk Utility. (Screenshot courtesy of Apple.) 


As with Linux, there is no need to regularly defragment a Mac hard drive. It's possible 
to run a defragmentation, but it should only be needed very rarely. 


PATCH MANAGEMENT 


Patch management is an important maintenance task to ensure that PCs operate 
reliably and securely. A patch or update is a file containing replacement system or 
application code. The replacement file fixes some sort of coding problem in the original 
file. The fix could be made to improve reliability, security, or performance. 


Patch management is the practice of monitoring, obtaining, evaluating, testing, and 
deploying fixes and updates. As the number of computer systems in use has grown 
over recent years, so has the volume of vulnerabilities and corresponding patches and 
updates intended to address those vulnerabilities. However, not every computer within 
an organization will necessarily be compatible with a certain patch, whether because of 
outdated hardware, different software versions, or application dependencies. 


Because of the inconsistencies that may be present within the various systems, the 
task of managing and applying patches can become very time-consuming and 
inefficient without an organized patch management system. In typical patch 
management, software updates are evaluated for their applicability to an environment 
and then tested in a safe way on non-production systems. If the patch is validated on 
all possible configurations without causing more problems, only then will the valid 
patch be rolled out to all computers throughout the entire organization. 


A patch management program might include: 

* An individual responsible for subscribing to and reviewing vendor and security 
patches and updating newsletters. 

* A review and triage of the updates into urgent, important, and non-critical 
categories. 

* An offline patch test environment where urgent and important patches can be 
installed and tested for functionality and impact. 

* Immediate administrative push delivery of approved urgent patches. 

* Weekly administrative push delivery of approved important patches. 

* A periodic evaluation phase and full rollout for non-critical patches. 

Many organizations have taken to creating official patch management policies that 
define the who, what, where, when, why, and how of patch management for that 
organization. 


OS UPDATES 


While working within patch management procedures, you also need to know the 
processes involved in performing updates in different operating systems. 


WINDOWS UPDATE 
Windows Update is a website (update.microsoft.com) hosting maintenance updates 
for different versions of Microsoft Windows. A control installed on the computer 
enables it to browse the site and select updates for download and installation, using 
the Background Intelligent Transfer Services (BITS) protocol. 


Note: Unless they address a critical issue, updates are released on Patch Tuesday (the 
second Tuesday of every month). 


Windows Update hosts critical updates and security patches (code to fix security 
vulnerabilities in Windows and its associated software) plus optional software and 
hardware updates to add or change features or drivers. There is also a complementary 
program, called Microsoft Update, which can be used to keep Microsoft Office 
software patched at the same time. 

Windows Update (Windows 7). (Screenshot used with permission from Microsoft.) 


Note: Hotfixes are released to fix problems being experienced in specific circumstances. 
They are not always available through Windows Update but can be requested via the 
Microsoft Knowledge Base article describing the problem. 


During setup, Windows can be configured to check for system updates (via the 
Internet) and download them as needed. Update settings can be reconfigured via the 
Windows Update applet in Control Panel. 



Changing update settings in Windows 7. (Screenshot used with permission from Microsoft.) 

In Windows 10, you can also check for updates via Windows Settings—Update & 
Security. Note that, in the basic interface, Windows Update can only be disabled 
temporarily in Windows 10. 


You can choose which updates to apply and also configure update settings. 


The WindowsUpdate.txt log (stored in the %SystemRoot% folder) records update 
activity. If an update fails to install, you should check the log to find the cause; the 
update will fail with an error code that you can look up on the Microsoft Knowledge 
Base. 


If an update causes problems, you can use the Programs and Features applet to 
uninstall it. 


Note: To check the current build of Windows, run winver. To check the version number 
of a particular file, right-click and select Properties. 


On a corporate network, updates can also be served using a Windows Server Update 
Services (WSUS) server. This allows the network administrator to approve updates for 
selected computer groups. 


APPLICATION UPDATES 

Software applications (especially those with browser plug-ins) may also need updating 
with the latest patches. Applications can contain security vulnerabilities in the same 
way as the OS; in fact, applications are targeted more aggressively than Windows itself 
as attackers recognize that they are less likely to be patched than the OS. 


Microsoft software (such as MS Office) can be updated via the same update interface 
by selecting Give me updates for other Microsoft products when I update 
Windows. Most third-party vendors install autoupdate software with their 
applications. 


LINUX PACKAGE MANAGEMENT 

To manage updates and software in Linux, the package manager (such as yum or apt- 
get) needs to be configured with the web address of the software repository (or 
repositories) that you want to use. It can then be used to install, uninstall, or update 
the software. 
[Screenshot: /etc/apt/sources.list open in the GNU nano editor, listing the main, restricted, and universe repositories.] 


Configuring package manager sources in Ubuntu Linux. 


Most Linux software is configured by editing one or more text files with the required 
parameters, though some software may provide a GUI front-end. 


Updates to the Linux kernel and drivers and a distribution's software tools and 
applications can be obtained via the package manager. 


For example, you can edit a configuration file in the unattended-packages package to 
allow apt to obtain different types of updates. In the following example, only security 
updates are being obtained—the other types are commented out. 


GNU nano 2.2.6 File: /etc/apt/apt.conf.d/50unattended-upgrades 

    // Automatically upgrade packages from these (origin, archive) pairs
    Unattended-Upgrade::Allowed-Origins {
            "${distro_id} ${distro_codename}-security";
    //      "${distro_id} ${distro_codename}-updates";
    //      "${distro_id} ${distro_codename}-proposed";
    //      "${distro_id} ${distro_codename}-backports";
    };

    // List of packages to not update
    Unattended-Upgrade::Package-Blacklist {
    //      "vim";
    //      "libc6";
    //      "libc6-dev";
    //      "libc6-i686";
    };

    // This option allows you to control if on a unclean dpkg exit
    // unattended-upgrades will automatically run
    //   dpkg --force-confold --configure -a
    // The default is true, to ensure updates keep getting installed
    //Unattended-Upgrade::AutoFixInterruptedDpkg "false";

    // Split the upgrade into the smallest possible chunks so that
    // they can be interrupted with SIGUSR1. This makes the upgrade
    // a bit slower but it has the benefit that shutdown while a upgrade


Configuring update types. 


Having configured automatic updates, another configuration file sets options for the 
frequency of updates, cleaning out temporary files, and so on. Finally, you would use 
an executable update task for scheduling by the cron tool. 
[Screenshot: the system crontab, with run-parts entries for /etc/cron.hourly and the other periodic directories, followed by a listing of the /etc/cron.daily directory.] 


The apt script runs as a daily task to install updates as per the configuration files. 
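
An added example (not from the course material): a Python check that reads a 50unattended-upgrades style file, ignores commented-out entries, and reports whether only the security origin is active, as in the configuration described above. The sample text and function names are constructed for illustration; the parser handles only the // and /* */ comments and the quoted list syntax this file uses.

```python
# Constructed sample in the style of /etc/apt/apt.conf.d/50unattended-upgrades.
SAMPLE_CONF = r'''
// Automatically upgrade packages from these (origin, archive) pairs
Unattended-Upgrade::Allowed-Origins {
        "${distro_id} ${distro_codename}-security";
//      "${distro_id} ${distro_codename}-updates";
//      "${distro_id} ${distro_codename}-proposed";
//      "${distro_id} ${distro_codename}-backports";
};

// List of packages to not update
Unattended-Upgrade::Package-Blacklist {
//      "vim";
//      "libc6";
};
'''

ORIGINS = "Unattended-Upgrade::Allowed-Origins"


def strip_comments(text):
    """Remove // and /* */ comments, leaving quoted strings untouched."""
    out, i, in_string = [], 0, False
    while i < len(text):
        ch = text[i]
        if in_string:
            out.append(ch)
            in_string = ch != '"'   # a closing quote ends the string
            i += 1
        elif ch == '"':
            in_string = True
            out.append(ch)
            i += 1
        elif text.startswith("//", i):
            end = text.find("\n", i)
            i = len(text) if end < 0 else end
        elif text.startswith("/*", i):
            end = text.find("*/", i + 2)
            i = len(text) if end < 0 else end + 2
        else:
            out.append(ch)
            i += 1
    return "".join(out)


def block_entries(conf, name):
    """Return the active (uncommented) quoted entries of `name { ... };`."""
    text = strip_comments(conf)
    start = text.find(name)
    brace = text.find("{", start) if start >= 0 else -1
    if brace < 0:
        return []
    entries, i = [], brace + 1
    while i < len(text) and text[i] != "}":
        if text[i] == '"':
            end = text.find('"', i + 1)
            if end < 0:
                break  # unterminated string: stop rather than guess
            entries.append(text[i + 1:end])  # may contain ${...} braces
            i = end + 1
        else:
            i += 1
    return entries


def enabled_origins(conf):
    """Origins that unattended upgrades may install from."""
    return block_entries(conf, ORIGINS)


def security_only(conf):
    """True when at least one origin is active and every one ends in -security."""
    origins = enabled_origins(conf)
    return bool(origins) and all(o.endswith("-security") for o in origins)


if __name__ == "__main__":
    print("active origins:", enabled_origins(SAMPLE_CONF))
    print("security only: ", security_only(SAMPLE_CONF))
```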


macOS PATCH MANAGEMENT 


In macOS, the App Store checks daily for new updates and releases of installed apps. If 
a new version is available, a notification will be shown against the App Store icon in the 
dock. Also when you open the App Store, it will highlight that updates are available 
against the Updates button in the App Store window menu bar. To update the app, 
run App Store and click the Updates button in the top bar of the window. 




Configuring automatic updates. (Screenshot courtesy of Apple.) 


You will have a choice to either update the apps individually or update all from the 
button at the top. It is recommended to choose Update All so that the latest versions 
of your apps and updates to macOS (not necessarily new versions) are on the Mac. It is 
also possible to automatically update apps to the latest version. To do this, go to App 
Store—Preferences and configure the appropriate settings: 


Most apps that are downloaded and installed from a third-party developer will 
automatically check if updates are available each time they are run. A prompt will be 
displayed to update or to cancel. It's also possible to manually check for updates using 
the Check for Updates menu option in the app itself. 


ANTI-MALWARE UPDATES 


On any Windows system, it is particularly important that antivirus software (or any 
other type of malware-blocking software) be updated regularly. Two types of update 
are generally necessary: 


* Virus definitions/patterns—this is information about new viruses. These updates 
may be made available daily or even hourly. 


* Scan engine/components—this fixes problems or makes improvements to the scan 
software itself. 




Schedule regular virus definition and scan engine updates. (Screenshot used with permission from 
Microsoft.) 


There is usually an option within the software program to download and install these 
updates automatically. In the example in the previous figure, note the options to retry 
and randomize the start time—this helps to ensure that an update will take place. 


LINUX AND VIRUSES/MALWARE 


Some people feel that virus detection is unnecessary for Linux when used as a desktop 
PC OS. The way the Linux operating system is built (and the fact that there are many 
distributions) means that unlike Windows, it is harder to write a virus that will affect 
every Linux system. Different command-line/graphical shells, a simpler security 
system, and software package managers with authorized software repositories all 
mean that a virus writer has a harder job to infect a Linux system. 


This does not mean that Linux is risk-free, however, and each installation should be 
assessed for security controls to suit the use to which it is put. Any high value target 
could be subject to specific, targeted attacks against it. Where Linux is used as the 
platform for a web server, for instance, it is imperative to configure appropriate 
security controls. Products such as Clam antivirus (ClamAV) and the Snort Intrusion 
Prevention System (IPS) can be used to block varied malware threats and attempts to 
counteract security systems. Though now owned by Cisco, both ClamAV and Snort are 
open source products made freely available under the General Public License (GPL). 


Another scenario for installing Linux anti-malware software is to detect infected files 
and prevent onward transmission via email or file transfer to Windows-based systems. 


macOS AND VIRUSES/MALWARE 


Like any other software, macOS is subject to numerous vulnerabilities and security 
advisories, some of which can be exploited and are serious enough to allow an unprivileged 
user to obtain root access. It is imperative to patch macOS systems against known 
vulnerabilities. There are relatively few instances of the infection of macOS systems by 
conventional computer viruses or worms. However, this does not mean that new 
threats will not appear in the future. Also, macOS is vulnerable to different kinds of 
malware, such as fake A/V and Trojans. Also, a macOS host could pass on Windows 
viruses to other users via email or file transfer. If a Windows boot partition is installed 
on macOS, it's possible for the Windows installation to become infected with a virus. 


The following steps can help to protect a macOS computer from infection: 


* Only download trusted apps—by default, macOS will only allow apps to be installed 
that have been downloaded from the App Store. If this setting is changed, ensure 
that you only download apps and content from trusted websites. 

* Only download trusted content—again, make sure that you only download media or 
other content from reliable, trusted sources. 

* Use antivirus software—a number of free A-V packages are available for the Mac 
(from Avira, Avast, and Sophos for instance) that will detect malware directed at 
macOS—and Windows viruses too—and prevent redistribution via email or file 
sharing. 

* If you have a bootable Windows partition on your macOS installation (Boot Camp), it 
is essential to treat it as if you were running and managing a Windows computer. 
Any antivirus package can be used; make sure you follow the same processes and 
procedures to protect Windows as if it were a standalone computer. 


Security and Privacy settings. (screenshot courtesy of Apple.) 


DRIVER AND FIRMWARE UPDATES 


Windows ships with a number of core and third-party device drivers for system 
components and peripheral hardware. Updates for these devices can be obtained via 
Windows Update, though they will be listed as optional updates and might not install 
automatically. 


You might need to use the device vendor's website to obtain a driver. To update, you 
download the driver files and install them using the supplied setup program or extract 
them manually and save them to a local folder. You can then use the device's property 
dialog box in Device Manager to update the driver. You can either scan for the update 
automatically or point the tool to the updated version you saved locally. 


FIRMWARE UPGRADES 


Motherboard manufacturers may update their system firmware in order to fix bugs, 
solve incompatibilities with operating systems, or to add new features. You should visit 
your motherboard manufacturer's website regularly to check if and when upgrades are 
available. 


As well as the chipset firmware, you may need to update the firmware on other 
devices, such as drive units, printers, and networking equipment. Devices directly 
attached to the PC (via USB) can normally be updated from Windows using a setup 
utility provided by the vendor. A network device would typically be updated using its 
management software or web configuration interface. 

Caution: Interrupting a firmware update can damage a device beyond repair. Try to 
ensure a stable power supply during the update process, using an Uninterruptible Power 
Supply (UPS) if possible. 


macOS DRIVER UPDATES 


Unlike Windows-based PCs, where desktops are made from various hardware 
components from different manufacturers, each requiring its own driver, Apple's 
integrated approach to system building means that drivers are easier to manage. All 
drivers for display, network interfaces, drives, and so on, are integral to macOS and will 
be updated (where necessary) either through software updates through the App Store 
or even new releases of macOS itself. 


Where third-party devices are installed, always make sure that the latest version of the 
driver is installed. Use the About button from the device's page in System 
Preferences to verify the current driver version. 




Driver information for this Wacom graphics tablet is accessed via the About option in System 
Preferences. 


Check the manufacturer's website to see if this is the latest version. If installing a new 
driver, first remove the old driver from macOS. In the example in the previous figure, 
you would use the Wacom Utility under Applications, then click Remove under 
Tablet Software to delete the driver and utilities. You may be prompted to enter an 
administrator password to do this. 


Next, download the latest version from the manufacturer website. This will almost 
certainly take the form of a .dmg disk image. Double-click the package and follow the 
instructions to install the driver. Complete the process by verifying the updated version 
number is shown via System Preferences. 


Note: Always remember to remove the old version of a third-party driver before 
updating. 


SCHEDULED BACKUPS 


One of the most important operations in computing is the creation of a secure backup 
of data files. Typically, network backups take place using a tape system, which has the 
advantages of high capacity, relatively low cost, and portability. For this type of backup, 
advanced backup software capable of backing up online databases and remote 
systems is required. Most large organizations will implement a structured backup 
scheme that includes a backup schedule and specifications for which files are backed 
up, where the backup is stored, and how it can be retrieved. The backup scheme will 
specify the media rotation method, which determines how many backup tapes or 
other media sets are needed, and the sequence in which they are used and reused. 
Designated administrators will have the responsibility for designing and managing the 
backup scheme and for restoring data when needed. 

Note: When a computer is connected to a network, it is bad practice for a user to store 
data locally (on the client PC's hard drive). Network home folders and the use of scripts to 
copy data can help users to transfer data to a file server, where it can be backed up 
safely. 


Personal backups are necessary for home users or on workgroups, where no central 
file server is available. In this scenario, the backup software supplied with Windows is 
serviceable. Most home users will back up to external hard drives or use some sort of 
cloud-based storage. 


WINDOWS BACKUP 


The backup tool included with Windows 7 has the ability to back up selected locations. 
The home editions are restricted to backing up to local drives or removable media, 
whereas the business/Ultimate editions can back up to a network share. 




Windows 7 Backup and Restore Center. (Screenshot used with permission from Microsoft.) 


In Windows 8 and Windows 10, user data backup options are implemented via File 
History. To configure the backup device and select folders to back up, select 
Settings—Update & security—Backup. 




Configuring backup options via Windows Settings. (Screenshot used with permission from Microsoft.) 


If you need to restore a file or folder, you can either check the Previous Versions tab 
in the object's Properties dialog box or use the File History applet. 




Redirecting file output for a restore operation. (Screenshot used with permission from Microsoft.) 


macOS TIME MACHINE BACKUP 

In macOS, the Time Machine utility enables data to be backed up to an external, 
attached drive. To enable Time Machine, go to System Preferences—Time Machine 
and slide the switch to On. Select the disk where the backups are to be stored. Under 
Options it is possible to unselect certain files, folders, or even drives from a backup 
plan. By default, Time Machine keeps hourly backups for the past 24 hours, daily 
backups for a month, and weekly backups for all previous months. When the drive 
used to store backups becomes full, Time Machine removes older backups to free up 
space. 




Configuring Time Machine. (Screenshot courtesy of Apple.) 


To restore files from Time Machine, a timeline on the right-hand side of the screen will 
show the available backups. Using the Finder window in Time Machine, find the folder 
with the file (or files) that you want to restore. Then slide the timeline back to the date/time 
of the previous version. 


Note: Time Machine stores backups on the local drive as snapshots as well as any 
available backup drive. If the backup drive is not attached, you may still be able to 
restore a file or version from the local snapshot. If the tick mark next to an item in the 
timeline is dimmed, the backup drive needs to be attached to restore that item. 


LINUX BACKUP TOOLS 

Linux does not have an "official" backup tool. You could create a custom backup 
solution using the cron task scheduler (see the following section) and file copy scripts. 
There are plenty of commercial and open source backup products for Linux, however. 
Some examples include Amanda, Bacula, Fwbackups, and Rsync. 


TASK SCHEDULERS 


While you might establish procedures for performing the maintenance tasks discussed 
previously, you might also want the tasks to run automatically within the OS. To 
accomplish this, you can use a task scheduler. 


WINDOWS TASK SCHEDULER 


Task Scheduler, as its name suggests, is a Windows tool that sets tasks to run at a 
particular time. Tasks can be run once at a future date or time or according to a 
recurring schedule. A task can be a simple application process (including switches, if 
necessary) or a batch file or script. Task Scheduler is accessed via Administrative 
Tools. Apart from defining the path to the file or script you want to execute and setting 
the schedule, you should also enter the credentials that the task will run under—if the 
selected user account does not have sufficient permissions, the task will not run. 


Many of Windows' processes come with predefined task schedules. Disk 
Defragmenter/Optimize Drives, for instance, is configured to run automatically by 
default. Other features include: 


* You can define triggers other than a simple schedule—running a task when the 
machine wakes from sleep or hibernation, for instance. 

* You can add multiple actions under a single task. 

* You can view a log of events connected to the task. 

* You can organize tasks in folders and there are more tools for managing them. 




Windows 7 Task Scheduler. (Screenshot used with permission from Microsoft.) 


cron 

In Linux, if you want to run a batch of commands or a script to perform a backup or 
other maintenance task, there is a scheduling service called cron. Every user of the 
system is allowed to schedule programs or tasks in their own personal crontab (cron 
table). These tables are merged together by cron to create an overall system schedule. 
Every minute, the cron service checks the schedule and executes the programs for that 
time period. 

To add or delete a scheduled job, use the crontab editor. To review a user's crontab 
jobs, enter the command: crontab -l. 


To remove jobs from the scheduled list, use the command: crontab -r. 


To enter the editor, run the command crontab -e. crontab uses the vi editor by 
default. To add a new job, press the Insert key then type a new job using the 
appropriate syntax. After the job syntax has been typed, press the Esc key to return to 
command mode. To save the job and exit, type :wq; to abandon changes, type :q! 


The basic syntax for scheduling a job using crontab can include the following: 

* mm—specifies the minutes past the hour when the task is to initiate (0-59). 

* hh—specifies the hour (0-23). 

* dd—can be used to specify the date within the month (0-31). 

* MM—specifies the month in either numerical or text format (1-12 or jan, feb, mar). 

* weekday—sets the day of the week (1-7 or mon, tue, wed). 

* command—the command or script to run. This should include the full path to the 
file. 


It is important to note that any of the time/date related parameters can be replaced by 
wildcards: 


* * specifies any or other characters. 

* , allows multiple values. 

* - allows a range of values. 

* /2 indicates every other. 


For example, consider the following crontab entry: 

15 02 * * 5 /usr/bin/rsync -av --delete /home/fred /mount/rsync 


This would cause the system to run the rsync backup program at 2:15am on a Friday 
(day 5), synchronizing the /home/fred directory with the /mount/sync folder (which 
could be a mount point to an external backup device). 
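
The field layout and wildcards described above can be checked mechanically before a job is installed. The following Python is an added example, not part of the course text: it parses job lines in the mm hh dd MM weekday command layout, reports whether a job fires at a given time, and flags commands that are not given as a full path. It assumes the standard cron value ranges (day of month 1-31, weekday 0-7 with 0 and 7 both Sunday) and handles job lines only; the second and third sample jobs are hypothetical.

```python
from datetime import datetime

# Standard cron value ranges (assumption: crontab(5) semantics);
# weekday 0 and 7 both mean Sunday.
FIELDS = (("minute", 0, 59), ("hour", 0, 23), ("day", 1, 31),
          ("month", 1, 12), ("weekday", 0, 7))
NAMES = {
    "month": {m: i for i, m in enumerate(
        "jan feb mar apr may jun jul aug sep oct nov dec".split(), 1)},
    "weekday": {d: i for i, d in enumerate(
        "sun mon tue wed thu fri sat".split())},
}


def expand(field, low, high, names=None):
    """Expand one time field ('*', '1,15', '1-5', '*/2', 'mon-fri') to a set."""
    names = names or {}

    def number(token):
        return names[token] if token in names else int(token)

    values = set()
    for part in field.lower().split(","):
        span, _, step = part.partition("/")
        step = int(step) if step else 1
        if span == "*":
            start, end = low, high
        else:
            first, _, last = span.partition("-")
            start = number(first)
            end = number(last) if last else start
        if step < 1 or not low <= start <= end <= high:
            raise ValueError(f"bad value {part!r} (allowed {low}-{high})")
        values.update(range(start, end + 1, step))
    return values


def parse_entry(line):
    """Split 'mm hh dd MM weekday command' into expanded sets plus the command."""
    parts = line.split(None, 5)
    if len(parts) != 6:
        raise ValueError("expected five time fields and a command")
    entry = {"command": parts[5].strip()}
    for (name, low, high), raw in zip(FIELDS, parts):
        entry[name] = expand(raw, low, high, NAMES.get(name))
    entry["weekday"] = {0 if d == 7 else d for d in entry["weekday"]}
    # cron runs on EITHER match when day-of-month and weekday are both restricted.
    entry["either_day"] = not (parts[2].startswith("*")
                               or parts[4].startswith("*"))
    return entry


def fires_at(entry, when):
    """True if the entry would run in the minute given by `when`."""
    if (when.minute not in entry["minute"] or when.hour not in entry["hour"]
            or when.month not in entry["month"]):
        return False
    dom = when.day in entry["day"]
    dow = when.isoweekday() % 7 in entry["weekday"]  # Sunday becomes 0
    return (dom or dow) if entry["either_day"] else (dom and dow)


def audit(entry):
    """Return review findings for one parsed entry."""
    findings = []
    program = entry["command"].split()[0]
    if not program.startswith("/"):
        findings.append(f"{program}: not a full path, resolved via cron's PATH")
    if entry["either_day"]:
        findings.append("day-of-month and weekday both set: runs on either match")
    return findings


# Constructed sample crontab: the first line is the entry discussed above,
# the other two are hypothetical jobs made up for this example.
SAMPLE = """\
15 02 * * 5 /usr/bin/rsync -av --delete /home/fred /mount/rsync
*/30 9-17 * * mon-fri backup.sh --quick
0 0 13 * fri /usr/local/bin/report
"""


def review(crontab_text):
    """Parse each non-comment job line and return (line, findings) pairs."""
    results = []
    for line in crontab_text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            results.append((line, audit(parse_entry(line))))
    return results


if __name__ == "__main__":
    for job, findings in review(SAMPLE):
        print(job)
        for finding in findings or ["ok"]:
            print("   ", finding)
```

A command without a full path is worth flagging because cron runs jobs with a minimal PATH, so the program that actually executes depends on that environment rather than on what the author intended.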


macOS also supports cron but Apple's own launchd scheduler is preferred. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Maintain Operating Systems. 


Activity 13-6 


Discussing OS Maintenance 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. How do you run Check Disk in read-only mode? 


2. Which tool is used to verify file system integrity in Linux? 


3. Which Windows tool would you use if you want the defragmenter to run 
more frequently? 


4. Which of the following is not delivered via Windows Update? 


* Security patches. 
* Drivers. 
* Firmware updates. 
* Critical fixes. 


5. How would you update an app purchased from the Mac App Store? 


6. What Windows utility would you use to back up data files in Windows 10? 


7. What principal restriction would you face if using the backup tool included 
with Windows 7 Home Premium? 


8. What is the name of Apple's backup software for macOS? 


9. In Linux, what command is used to view tasks scheduled by the current 
user? 


Summary 


In this lesson, you installed, configured, and maintained OSs. Whether you are 
upgrading, installing from scratch, or redeploying a system, you will need the skills that 
enable you to install, configure, and optimize computer operating systems to meet 
your organization's business needs. 


Do you have experience installing operating systems? Do you feel you will be 
able to perform installations more efficiently as a result of the information 
presented in this lesson? 


How often do you expect to be able to perform in-place upgrades instead of clean 
installs at your workplace? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 


Lesson 14 


Managing Users, Workstations, and Shared 
Resources 


LESSON INTRODUCTION 


Once you have the computer network up and running, you can start to configure it to provide 
useful services. File and print sharing are key uses of almost every network. When configuring 
these resources, you have to be aware of potential security issues and understand how to set 
permissions correctly, to ensure that data is only accessible to those users who really should have 
been authorized to see it. 


Along with permissions, you will also need to manage user accounts on networks. Windows® 
networks can use local accounts within workgroups or centralized Active Directory® accounts on a 
domain network. In this lesson, you will learn some basic principles for managing users in both 
types of environment. 


LESSON OBJECTIVES 


In this lesson, you will: 
* Manage Windows local user and group accounts. 
* Configure network shares and permissions. 


* Configure accounts and policies in Active Directory domains. 


Topic A 


Manage Users 


EXAM OBJECTIVES COVERED 
1002-1.4 Given a scenario, use appropriate Microsoft command line tools. 


1002-1.5 Given a scenario, use Microsoft operating system features and tools. 

1002-1.6 Given a scenario, use Microsoft Windows Control Panel utilities. 

1002-2.6 Compare and contrast the differences of basic Microsoft Windows OS security 
settings. 


Managing user accounts and permissions is an important task on any type of network. 
In this topic, you will learn how group accounts can be used to allocate permissions 
more easily and use consoles to configure system policies that can improve the 
security of the computer and network. 


USER AND GROUP ACCOUNTS 


A user account is the principal means of controlling access to computer and network 
resources and rights or privileges. The User Accounts applet in Control Panel is 
adequate for creating accounts on a family computer. If you are configuring computers 
for business use, you might want to use more advanced tools to create group accounts 
as well as user accounts. 


SECURITY GROUPS 


A security group is a collection of user accounts that can be assigned permissions in 
the same way as a single user object. Security groups are used when assigning 
permissions and rights, as it is more efficient to assign permissions to a group than to 
assign them individually to each user. You can assign permissions to a user simply by 
adding the user to the appropriate group(s). 


Group: Description 


Built-in Local Groups: Built-in groups are given a standard set of rights that allow 
them to perform appropriate system tasks. Starter and Home 
editions of Windows allow the use of two groups only: 

* Limited/standard user. 
* Computer administrator. 

For Windows Professional/Business, the principal built-in local 
groups include Administrators, Users, Guests, and Power Users. 


Administrators: An Administrator account can perform all management tasks 
and generally has very high access to all files and other objects 
in the system. The user created at installation is automatically 
added to this group. You should restrict use of this type of 
account, using a regular user account when appropriate, and 
only log in with administrative privileges for specific tasks. 

When Windows is installed to a new computer, the account 
actually named "Administrator" is disabled by default. The 
setup procedure creates an account with administrative 
privileges in its place. 

Note: If the computer is not part of a domain, the 
"Administrator" account is re-enabled in Safe Mode if all other 
administrative accounts have been deleted or disabled (as a 
disaster recovery mechanism). Note that the "Administrator" 
account is not subject to UAC and so should be left disabled if 
the computer is to be used securely. 


Users: When a new user is created, they are typically added to the 
standard Users group. The group is able to perform most 
common tasks, such as shutting down the computer, running 
applications, and using printers. Ordinary users can also change 
the time zone and install a local printer, provided there is a 
suitable driver already installed. 


Guests: The Guests group has only limited rights; for example, 
members can browse the network and Internet and shut down 
the computer but cannot save changes made to the desktop 
environment. Generally, you should disable the Guest account 
(its default condition) and establish a proper user account for 
each user accessing your system. If the account is enabled, then 
any user attempting to access your computer who does not 
hold their own user account will be connected using the Guest 
account credentials. 

Note: The default Guest account is the only member of the 
Guests group. While the Guest user account is usually 
disabled, the Guests group is not. 


Power Users: The Power Users group still appears to support legacy 
applications, but its use is strongly deprecated. The rights 
allocated to this account type can be abused to allow the user 
to obtain more powerful Administrator or System privileges. 
You can read more about issues with using Power Users at 
support.microsoft.com/en-us/help/825069/a-member-of-the-power-users-group-may-be-able-to-gain-administrator-ri. 


System Groups: There are a number of other default groups, providing a means 
to easily configure things like privileges to access remote 
desktop, backup, event logs, and so on. Windows also includes 
built-in system groups. Their membership cannot be changed 
manually, as it is dependent on what users are doing at the 
time. 

* Everyone—All users who access the computer are members 
of the group Everyone. This includes users who have not 
been authenticated and who are accessing the computer as 
a guest. 

* Authenticated Users—All users who access the computer 
and have a valid user account. 

* Creator Owner—The Creator Owner group includes the 
account of the resource owner. Normally, the creator of a 
resource is the owner, but administrators (and other users 
who have been allowed to do so) are able to take ownership. 

* Interactive—This group contains the user account of the 
person currently working locally at the computer. 

* Network—This group contains the user account(s) of any 
users currently connected to the computer over a network. 


System and Service Accounts: There are also some non-interactive accounts that you should 
be aware of. Users cannot sign in to these accounts. They are 
"owned" by the OS (NT_AUTHORITY). They are used to run 
Windows processes and services: 

* LocalSystem—An account with the same, or in some ways 
better, privileges as the default Administrator account. A 
process executed using the system account is unrestricted in 
terms of making changes to the system configuration and 
file system. 

* LocalService—A limited account used to run services that 
cannot make system-wide changes. LocalService can access 
the network anonymously. 

* NetworkService—An account that has the same privileges 
as LocalService but can access the network using the 
computer's machine account's credentials. 


LOCAL USERS AND GROUPS 


In Pro, Professional, and Enterprise editions of Windows, the Local Users and Groups 
management console provides an interface for managing both user and group 
accounts. It is not available in Starter or Home editions. 


Local Users and Groups management console. (Screenshot used with permission from Microsoft.) 


CREATING A NEW USER 


To create a user, right-click on or in the Users folder and select New User. The account 
can be configured with the following properties: 


Setting: Use 


Username (required): The username may be up to 20 characters and cannot contain 
the characters " \ [ ] : ; | = , + * ? < >. The username must be 
unique. Usernames are not case sensitive. 

Full name (optional): This should include the first and last name, and any middle 
initials if required. 

Description (optional): May be used to describe the user's job role. 

Password (optional but recommended): Passwords can be up to 128 characters (at least 8 is 
recommended). Passwords are case sensitive. Avoid passwords 
that simply use words; include upper and lower case letters, 
punctuation, and numbers. 

User must change password at next logon: A useful way to ensure that an administrator-assigned 
password is reset by the user when they first access the 
account. 

User cannot change password: Generally, users control their own passwords, but for some 
user accounts it is preferable for the administrator to control 
the password. 

Password never expires: A useful option which overrides the local security policy to 
expire passwords after a fixed number of days. This option 
should be selected for system accounts, such as those used for 
replication and application services. 

Account is disabled: Prevents use of the account. Acts as an alternative to deleting 
an account. 


RENAMING AND DELETING USER ACCOUNTS 

To rename a user account, select the account name, then right-click and choose the 
Rename option. A renamed account retains all the properties of the original account 
and also retains access to system resources. 


To delete an account, select the account name and either press the Delete key or 
choose Delete from the context menu. 


Windows uses a Security ID (SID) to uniquely identify each user and group. A warning 
message is displayed to remind you that this account identifier is unique. Even if you 
recreate another account with exactly the same username, the identifier created is still 
different. The new account cannot assume any access to resources that were assigned 
to the original. 


Disabling an account prevents it from being used, but allows the account to be 
reactivated if required. 


ADDING A USER TO A GROUP 

When a user is made a member of a group, the user obtains all the permissions 
allocated to that group. A user account can be a member of more than one group 
account. To add a user to a group or remove a user from a group, right-click the group 
account and select Properties. 


Configuring members of the Administrators built-in group. (Screenshot used with permission from 
Microsoft.) 


THE net user COMMANDS 


You can also manage accounts at the command line using the net user command. 
You need to execute these commands in an administrative command prompt: 


* net user dmartin Pa$$w0rd /add /fullname:"David Martin" /logonpasswordchg:yes 

This example adds a new user account and forces the user to choose a new 
password at first login. 

* net user dmartin /active:no 

Disables the dmartin account. 

* net user dmartin 

Show the properties of the dmartin account. 

* net localgroup Administrators dmartin /add 

Add the dmartin account to the Administrators local group. 


Note: Don't confuse net user commands with net use, which is for 
configuring file shares. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Manage Windows Local Users and Groups. 


LOCAL SECURITY POLICY 


Policies are the most fine-grained means of adjusting registry settings outside of 
editing the registry directly. Policies can be used to configure almost any aspect of 
Windows, from the color of the desktop to the number of characters required in a user 
password. 


On a standalone workstation, password and account policies can be configured via the 
Local Security Policy snap-in (secpol.msc) located in Administrative Tools. You 
would use this to force users to choose more complex or longer passwords or to 
prevent users from re-using old passwords. 




Local Security Policy editor. (Screenshot used with permission from Microsoft.) 


A wider range of settings can be configured via the Local Group Policy snap-in 
(gpedit.msc). Group policy exposes pretty much the whole of the registry to 
configuration via a dialog-based interface, rather than editing individual keys through 
regedit. Policies can be applied to the computer object or to user accounts. 




The Local Group Policy editor. You can edit the same security policies here, but any number of 
other computer and user account settings can also be configured. (Screenshot used with permission 
from Microsoft.) 


Note: The policy editors are not included in the Starter or Home editions of Windows. 
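
The password settings listed in the Local Security Policy snap-in can also be exported to a text file with the built-in secedit tool and checked by a script. The following Python script is an added example, not part of the course material; the sample export is constructed and the baseline thresholds are assumptions.

```python
"""Audit the password policy in a `secedit /export` file against a baseline."""
import configparser

# Constructed sample of the file produced by
#   secedit /export /cfg secpol.cfg /areas SECURITYPOLICY
# on a workstation where no password policy has been configured.
SAMPLE_EXPORT = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = 42
MinimumPasswordLength = 0
PasswordComplexity = 0
PasswordHistorySize = 0
LockoutBadCount = 0
NewAdministratorName = "Administrator"
ClearTextPassword = 0
[Version]
signature="$CHICAGO$"
Revision=1
"""

# (export key, setting name in secpol.msc, check, requirement).
# The thresholds are assumptions for illustration; use your own policy's values.
BASELINE = [
    ("PasswordHistorySize", "Enforce password history",
     lambda v: v >= 10, "10 or more passwords remembered"),
    ("MinimumPasswordLength", "Minimum password length",
     lambda v: v >= 12, "12 or more characters"),
    ("PasswordComplexity", "Password must meet complexity requirements",
     lambda v: v == 1, "Enabled"),
    ("ClearTextPassword", "Store passwords using reversible encryption",
     lambda v: v == 0, "Disabled"),
]


def parse_policy(text):
    """Return the numeric settings of the [System Access] section as {key: int}."""
    parser = configparser.ConfigParser(
        interpolation=None, strict=False, delimiters=("=",))
    parser.optionxform = str              # keep the key case used by secedit
    parser.read_string(text)
    if not parser.has_section("System Access"):
        raise ValueError("export has no [System Access] section")
    policy = {}
    for key, raw in parser.items("System Access"):
        raw = raw.strip()
        if raw.lstrip("-").isdigit():     # skip string settings such as account names
            policy[key] = int(raw)
    return policy


def audit(policy):
    """Return (setting name, current value, requirement) for each failing setting."""
    findings = []
    for key, gui_name, is_ok, requirement in BASELINE:
        value = policy.get(key)
        if value is None or not is_ok(value):   # a missing setting is also a finding
            findings.append((gui_name, value, requirement))
    return findings


def load_export(path):
    """Read a real export file; secedit normally writes it as UTF-16."""
    with open(path, encoding="utf-16") as handle:
        return parse_policy(handle.read())


def harden(text):
    """Return the sample with the three weak values raised (constructed 'after' state)."""
    for old, new in (("PasswordHistorySize = 0", "PasswordHistorySize = 24"),
                     ("MinimumPasswordLength = 0", "MinimumPasswordLength = 14"),
                     ("PasswordComplexity = 0", "PasswordComplexity = 1")):
        text = text.replace(old, new)
    return text


if __name__ == "__main__":
    for label, text in (("before", SAMPLE_EXPORT), ("after", harden(SAMPLE_EXPORT))):
        findings = audit(parse_policy(text))
        print(f"{label}: {len(findings)} finding(s)")
        for gui_name, value, requirement in findings:
            print(f"  {gui_name}: current value {value}, expected {requirement}")
```
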


SSO AND CREDENTIAL MANAGER 


Single Sign On (SSO) means that a user only has to authenticate to a system once to 
gain access to all its resources (that is, all the resources to which the user has been 
granted rights). An example is the Kerberos authentication and authorization model 
for Active Directory domain networks. This means, for instance, that a user who has 
authenticated with Windows is also authenticated with the Windows domain's SQL 
Server® and Exchange Server services. Another example is the use of a Microsoft 
account to sign in to Windows and also be signed in to web applications such as 
OneDrive® and Office365®. 


The advantage of single sign-on is that each user does not have to manage multiple 
user accounts and passwords. The disadvantage is that compromising the account also 
compromises multiple services. 




Note: It is critical that users do not re-use work passwords or authentication information 
on third-party sites. Of course, this is almost impossible to enforce, so security managers 
have to rely on effective user training. 


CREDENTIAL MANAGER 

SSO is not available for many services. Most users do not try to remember each 
password for every website or network they use. Instead, they use the OS to save (or 
cache) the password. You can view cached passwords for websites and Windows/ 
network accounts using the Control Panel app Credential Manager. 


You can remove any credentials that you no longer want to store. Removing a 
credential may also resolve an authentication or service problem. You can view the 
plaintext of a web credential but not of a Windows credential. 




Credential Manager. (Screenshot used with permission from Microsoft.) 

Activity 14-1 


Discussing Windows User Management 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Which three principal user security groups are created when Windows is 
installed? 


2. What tool would you use to add a user to a local security group? 


3. True or false? If you delete a user, you can recover the user's permissions 
and group memberships by creating a new account with the same name. 


4. How can you ensure that an administrator-set default password for an 
account is not used permanently? 


5. What is the function of secpol.msc? 

Topic B 


Configure Shared Resources 


EXAM OBJECTIVES COVERED 
1002-1.4 Given a scenario, use appropriate Microsoft command line tools. 
1002-1.6 Given a scenario, use Microsoft Windows Control Panel utilities. 
1002-1.8 Given a scenario, configure Microsoft Windows networking on a client/desktop. 
1002-2.6 Compare and contrast the differences of basic Microsoft Windows OS security 
settings. 


One of the main uses of networks is for file and printer sharing. As a CompTIA A+ 
technician, you will often need to configure network shares. It is important that you 
configure the correct permissions on shares, understanding how share and NTFS 
permissions interact. 


WORKGROUPS 


In a peer-to-peer network, each computer can be both a server and a client. Each 
user administers his or her PC and the resources on it. The user can decide to give 
others access to files on his or her PC or to printers that are attached to it. Under 
Windows, this type of network is described as a workgroup. 




Peer-to-peer network. (Image © 123RF.com.) 

A workgroup is quite simple to set up initially, but unreliable and difficult to organize. 
For example, a user could switch off their machine while someone else was accessing 
it. There is no good means of deciding who should have access to the network. It is 
difficult to grow the network, as when a machine or new user is added, all the other 
machines have to be "informed" about it. 


Workgroups are designed to support small groups of users. There is no centralized 
management of user accounts or of resources, and each machine requires a separate 
administrator. Desktop operating systems such as Windows can act as servers in a 
workgroup, but they are restricted in terms of the number of inbound connections 
they can support. 




Workgroup security accounts are all stored locally. (Image © 123RF.com.) 


Note: Not all real-world networks are completely peer-to-peer or completely client-server. 
Some networks use a mixture of both approaches. 


As different versions of Windows have been released, Microsoft has implemented 
different ways for users to set up home networks simply. 


Note: The workgroup name can be changed using the Computer Name dialog box from 
System properties. The workgroup name is cosmetic, however. It is almost always left set 
to "WORKGROUP." 


HOMEGROUPS 


A homegroup is a feature introduced in Windows 7, and continued in Windows 8, to 
simplify secure access to shared folders and printers on a home network. 

The problem with a workgroup network is that there is no centralized database of 
users. Sharing folders would either require the local user's password to be shared, 
identical user accounts to be set up and maintained on each machine, or facilitated via 
the Guest account with no authentication. 

Homegroups are secured via a simple password. A computer can only belong to one 
homegroup at a time. Homegroups can contain a mix of Windows 7 and Windows 8 
computers. 

To set up a homegroup, open the Network and Sharing Center and select Choose 
homegroup and sharing options. 




Configuring a homegroup—choosing which resources to share. (Screenshot used with permission from 
Microsoft.) 


Note: The network type must be defined as Home (Windows 7) or Private (Windows 8) or 
Windows will not allow the creation of a homegroup. Also, IPv6 must be enabled for 
homegroups to work. 


JOINING A HOMEGROUP 


When a homegroup has been configured on a network, you will see a Join now button 
when you are browsing the Homegroup object in Explorer. Having joined a group, 
network users can access shared libraries and folders and choose whether to share 
their own libraries. Shared homegroup folders are shown via the Homegroup object in 
Explorer, which shows all the user accounts participating in the homegroup. 


WINDOWS 10 AND HOMEGROUPS 

The early versions of Windows 10 continued to support the homegroup feature. With 
the release of Windows 10 (1803), support for homegroups was discontinued. 
Windows 10 (1803) computers cannot create or join a homegroup. 


Note: At the time of writing, a bug means that homegroup options can still appear in a 
folder's Give Access To shortcut menu. These options do not do anything. 


NETWORK AND SHARING CENTER 


Whenever a new network link is detected, Windows prompts you to define it as Public 
or Private (Home or Work). The former option disables file and printer sharing and 
network discovery on the link. On a private network, you can customize the sharing 
options to include printers, disable password-protected sharing, and so on. These 
options are configured via the Network and Sharing Center. 




Navigating the Windows 7 Network and Sharing Center—1) Select to view computers on the network; 
2) Select a cross to start the troubleshooter; 3) Select to open the web browser; 4) Select the network 
icon to manage names and locations; 5) Select the link to change the network type; 6) Select the 
adapter link to view status and configure properties. (Screenshot used with permission from 
Microsoft.) 


In Windows 8 and Windows 10, the network map feature has been dropped and there 
is no option to change the network location type. This is done via Windows Settings 
instead. Select Network & Internet and then Ethernet or WiFi as appropriate. Under 
Network profile, select Public or Private. 


Note: Note that the "Network profile" options do not appear if UAC is set to the highest 
"Always notify" level. 


ADVANCED SHARING SETTINGS 


From the Network and Sharing Center, select Advanced sharing settings to configure 
the options for each profile. To share files on the network, Turn on network 
discovery and Turn on file and printer sharing must both be selected. 


Advanced sharing settings. (Screenshot used with permission from Microsoft.) 


Windows has a pre-defined folder for sharing files (the Public folder), which is available 
to all users of the PC and to network users, if enabled here. 


Under All networks, you can select Turn off password-protected sharing to allow 
anyone to access any file share configured on the local computer without entering any 
credentials. This enables the Guest user account, which is normally disabled. 


Note: For password-protected sharing, network users must have an account configured 
on the local machine. This is one of the drawbacks of workgroups compared to domains. 
Either you configure accounts for all users on all machines, use a single account for 
network access (again, configured on all machines), or you disable security entirely. 


NETWORK SHARE CONFIGURATION 


You can share other folders by right-clicking and selecting Share with (Windows 7) or 
Give access to (Windows 10). Select an account, then set the Permission level to 
Read or Read/write as appropriate. 


Configuring Advanced Sharing properties. (Screenshot used with permission from Microsoft.) 


ADVANCED SHARING 


In the folder's property dialog box, you can use the Share tab to configure advanced 
share properties: 


* Share name and optional comment—the share name identifies the share on the 
network while the comment can describe the purpose of the share. You can share 
the same folder multiple times with different names and permissions. 

* Maximum number of users allowed to connect at any one time—Windows 
desktop versions are limited to 20 inbound connections. Only Windows Server 
systems support more connections. 

* Permissions—choose the groups or users allowed to access the folder and what 
type of access they have. 


Configuring Advanced Sharing properties—Notice that while Everyone has "Read" permission, the 
share permissions for Everyone are "Full Control." The "Read" permission is enforced by NTFS security. 
(Screenshot used with permission from Microsoft.) 


Windows provides three levels of share permissions: 
* Full Control—allows users to read, edit, create, and delete files and subdirectories, 
and to assign permissions to other users and groups. 


* Change—this is similar to full control but does not allow the user to set permissions 
for others. 


* Read—users are permitted to connect to the resource, run programs, and view 
files. They are not allowed to edit, delete, or create files. 


Most of the time, the shared folder permission is set to Full Control. The effective 
permissions are managed using NTFS security. 


MANAGING SHARED FOLDERS 


The Shared Folders snap-in (available through the Computer Management console) 
lets you view all the shares configured on the local machine as well as any current user 
sessions and open files. 


Viewing the Shared Folders snap-in via the Computer Management console. (Screenshot used with 
permission from Microsoft.) 


ADMINISTRATIVE SHARES 

You can think of the shares configured manually on a computer using the process 
described previously as local shares. In addition to any local shares created by a user, 
Windows automatically creates a number of hidden administrative shares, including 
the root folder of any local drives (C$), the system folder (ADMIN$), and the folder 
storing printer drivers (PRINT$). Administrative shares can only be accessed by 
members of the local Administrators group. 


Note: Note that if you disable password-protected sharing, the administrative shares 
remain password-protected. 


In fact, if you add a $ sign at the end of a local share name, it will be hidden from 
general browsing too. It can still be accessed via the command-line or by mapping a 
drive to the share name. 


BROWSING SHARES AND MAPPING DRIVES 

In File Explorer, network shares are listed by the server computer under the system 
object Network. Any network-enabled devices such as wireless displays, printers, 
smartphones, and router/modems are also listed here. The shortcut menu for Network 
allows you to open the Network and Sharing Center (via the Properties option) and 
map or disconnect network drives. 


Viewing devices on the network—the Laserjet 200 printer listed here is connected directly to the 
network. (Screenshot used with permission from Microsoft.) 


You can also access a shared folder using Universal Naming Convention (UNC) syntax 
(\\ComputerName\Path), where ComputerName is the host name, FQDN, or IP address 
of the server and Path is the folder and/or file path. Remember that you can view an 
administrative share this way (if you have the relevant permissions). For example, the 
path \\COMPTIA\Admin$ connects to the "Windows" folder on the "COMPTIA" 
computer. 


A network drive is a local share that has been assigned a drive letter. To map a share 
as a drive, right-click it and select Map Network Drive. Select a drive letter and keep 
Reconnect at sign-in checked, unless you want to map the drive temporarily. The 
drive will now show up under Computer or This PC. To remove a mapped drive, 
right-click it and select Disconnect. 


Mapping a network drive. (Screenshot used with permission from Microsoft.) 


PRINTER SHARING VERSUS NETWORK PRINTER MAPPING 


Many print devices come with an integrated Ethernet and/or Wi-Fi adapter. This means 
that they can communicate directly on the network. Such a printer can be mapped 
using the Add Printer wizard (from Devices and Printers). Just enter the IP address or 
host name of the printer to connect to it. 


Any printer directly connected to a computer (whether via USB or direct network 
connection) can also be shared so that other network users can access it. A local 
printer is shared on the network via the Sharing tab on its Printer Properties sheet. 
To connect to a shared printer, open the server object from Network and the printer 
will be listed. Right-click it and select Connect. 




Connecting to a printer shared via the COMPTIA PC—Note that this is the same Laserjet 200 print 
device as shown earlier but it is being connected to as a shared device, rather than mapped directly. 
(Screenshot used with permission from Microsoft.) 


OFFLINE FILES AND SYNC CENTER 


One of the issues with a workgroup is that a computer may get turned off by its user 
without the user consulting the rest of the workgroup first. There is no centralized 
control or administration over access to resources. If you need to use files on a 
network share where the connection is unreliable for any reason, you can use 
Windows' offline files feature to cache the files in the share on your local computer. To 
enable this, just right-click the share or mapped drive and select Always available 
offline. 


When the connection is restored, any changes between the local cache and the 
network share are synchronized automatically. If there are any conflicts, these are 
reported in the Sync Center Control Panel applet. You can use the Resolve button to 
choose whether to keep one or both versions. 




Using Sync Center to resolve file conflicts in an offline folder cache. (Screenshot used with permission 
from Microsoft.) 


THE net COMMANDS 


There are several net command utilities that you can use to view and configure 
shared resources on a Windows network. A few of the commands are provided here, 
but you can view the full list by entering net /? You can view help on a specific 
command by entering net use /? 

* net use DeviceName \\ComputerName\ShareName 

This command will connect to a network resource, such as a folder or printer. For 
example, to map the DATA folder on MYSERVER to the M: drive, you would enter: 

net use M: \\MYSERVER\DATA /persistent:yes 

* net use DeviceName /delete 

This command removes a connection (net use * /delete removes all 
connections). 

* net view 

Used without switches, this displays a list of servers on the local network. Use 
net view \\Host to view the shares available on a particular server (where 
Host is an IP address or computer name). 


NTFS FILE AND FOLDER PERMISSIONS 


When you configure a network share, you can set share permissions for the accounts 
allowed to access the share. Share permissions have a number of limitations: 

* The resource is only protected when a user connects over the network. Someone 
gaining access to the local machine would not have the same restrictions. 

* The permissions set apply from the root of the share and all subdirectories and files 
within the share inherit the same permissions. 


Systems that use the FAT file system are only able to support share permissions, but 
with NTFS it is possible to implement a much more comprehensive and flexible system 
of permissions. NTFS security protects the resource even when it is accessed locally 
and has a configurable system of propagation and inheritance. 


Windows enforces local security on an NTFS volume by holding an Access Control List 
(ACL) as part of the record for each file and folder stored in the volume's Master File 
Table (MFT). When a user attempts to access a file or directory, the security system 
checks which users and groups are listed in the ACL. A list of permissions is then 
obtained for that user. 


Security can be applied to individual files or (more commonly) to folders. When folders 
are secured, the matter of inheritance needs to be considered. 




Configuring NTFS permissions via the Security tab for a folder. (Screenshot used with permission from 
Microsoft.) 


CONFIGURING NTFS PERMISSIONS 


To configure the NTFS security settings of a file or folder, right-click the object and 
select Properties, then select the Security tab. Users that may set permissions are 
restricted to administrators, users with full control permissions, and the owner of the 
file or folder. 


Permissions that may be applied to folders differ from those that apply to files. The 
differences are summarized in the following tables. Note that each permission may 
either be allowed or denied. 

| Folder Permission | Allows |
|---|---|
| Read | View files and subfolders including their attributes, permissions, and ownership. |
| Write | Create new folders and files, change attributes, view permissions and ownership. |
| List | View the names of files and subfolders. |
| Read & Execute | Pass-through folders for which no permissions are assigned, plus read and list permissions. |
| Modify | Read/Execute and Write permissions, as well as the ability to rename and delete the folder. |
| Full Control | All the above, plus changing permissions, taking ownership, and deleting subfolders and files. |

| File Permission | Allows |
|---|---|
| Read | Read the contents of the file and view attributes, ownership, and permissions. |
| Write | Overwrite the file and view attributes, ownership, and permissions. |
| Read & Execute | Read permissions, plus the ability to run applications. |
| Modify | Read/Execute and Write permissions, as well as the ability to rename and delete the file. |
| Full Control | All the above, plus changing permissions and taking ownership. |


Note: These are available via the basic interface. There are in fact 12 individual 
permissions that could be applied to a file or folder (select Advanced), but the 
combinations listed are usually sufficient. 


EFFECTIVE PERMISSIONS AND ALLOW VERSUS DENY 


Permissions are usually applied at one of three levels: 


* For application folders, the read/execute permission is granted to the appropriate 
group. 

* For data areas, the modify or read permission is assigned as appropriate. 

* To home directories (personal storage areas on a network), full control is assigned 
to the relevant user. 


A user may obtain multiple permissions from membership of different groups or by 
having permissions allocated directly to his or her account. Windows analyzes the 
permissions obtained from different accounts to determine the effective permissions. 
In this process, it is important to understand that "deny" overrides anything else (in 
most cases). If an account is not granted an "allow" permission, an implicit deny is 
applied. This is usually sufficient for most purposes. Explicit deny permissions are only 
used in quite specific circumstances. 


Putting explicit deny permissions to one side, the user obtains the most effective 
"allow" permissions obtained from any source. For example, if one group gives the 
user "Read" permission and another group gives the user "Modify" permission, the 
user will have "Modify" permission. 


PERMISSION PROPAGATION AND INHERITANCE 


NTFS permissions that are assigned to a folder are automatically inherited by the files 
and subfolders created under the folder. To prevent this from happening, open the 
Security page and select Advanced, then select the Permission tab. In Windows 7, 
select the Change permissions button to proceed. 


Select the Disable inheritance button. In Windows 7, there is an Include inheritable 
permissions check box to uncheck rather than a button. Then, choose whether to 
Convert inheritable permissions into explicit permissions (in Windows 7, this is the 
Copy option) or Remove inherited permissions. You can then modify the permissions 
on this folder independently of its parent. 


To apply security settings for the current folder to all child objects (permission 
propagation), check the Replace all child object permissions with inheritable 
permissions box. 




Configuring permissions inheritance on a folder. (Screenshot used with permission from Microsoft.) 


Note: Directly assigned permissions (explicit permissions) always override inherited 
permissions, including "deny" inherited permissions. For example, if a parent folder 
specifies deny write permissions but an account is granted allow write permissions 
directly on a child file object, the effective permission will be to allow write access on the 
file object. 


OWNERSHIP 

The owner of a resource can manage that resource in terms of permissions and other 
attributes. Generally speaking, if a user creates a file, they will own the file. 
Administrators can assign ownership to some other user (or group). This might be 
done because the current owner of a resource has been deleted from the user 
accounts database. 


When a folder's ownership details are modified, the administrator can choose to 
propagate the changes down the tree to subfolders and their contents. 


MOVING AND COPYING NTFS FILES AND FOLDERS 


The behavior of NTFS permissions when moving and copying files under Windows is 
summarized in the following table. 

| Action | Effect |
| Moving files and folders on the same NTFS volume | Write permission is required for the destination folder and Modify for the source folder. NTFS permissions are retained. |
| Moving files and folders to a different NTFS volume | Write permission is required for the destination folder and Modify for the source folder. NTFS permissions are inherited from the destination folder and the user becomes the Creator/Owner. |
| Copying files and folders on the same NTFS volume or different NTFS volumes | Write permission is required for the destination folder and Read for the source folder. NTFS permissions are inherited from the destination folder and the user becomes the Creator/Owner. |
| Moving files and folders to a FAT or FAT32 partition | Modify permission is required for the source folder. All permissions and NTFS attributes (such as encryption) are lost, as FAT does not support permissions or special attributes. |


COMBINING NTFS AND SHARE PERMISSIONS 


It is possible to use a combination of share and NTFS permissions to secure resources. 
The factors to consider include: 


* Share permissions only protect the resource when it is accessed across the
network.

* NTFS permissions are used to protect the resource from unauthorized local access.

* Disk partitions using the FAT file system can only be protected using share
permissions.

* Share permissions are set at the root of the share and all files and subdirectories
inherit the same permissions.

* NTFS permissions are used in combination with the share permissions to provide
greater flexibility; for example, to place more restrictive permissions at lower levels
in the directory structure.

* If both share and NTFS permissions are applied to the same resource, the most
restrictive applies (when the file or folder is accessed over the network). For
example, if the group "Everyone" has Read permission to a share and the "Users"
group is given Modify permission through NTFS permissions, the effective
permissions for a member of the "Users" group will be Read.


Effective permissions through a shared folder. (Image © 123RF.com.) 


In practice, share permissions are always configured as Full Control and the NTFS 
permissions are used to configure the actual rights. 


Note: If you do not have sufficient permissions to access or modify a resource, you will 
see an "Access denied" error message. 
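
The rules in this topic (allows from every source accumulate, a matching deny wins, explicit entries are evaluated before inherited ones, and network access is limited to what both the share and NTFS permissions allow) can be modelled in a short script. This is an added PowerShell example, not part of the course material; the rights, account names and ACEs are constructed, and the model is a simplification of the real Windows access check.

```powershell
# Added example: simplified model of effective permissions. It ignores special
# permissions and "Applies to" scopes. All principals and ACEs are constructed.

[Flags()] enum Right {
    None = 0
    Read = 1
    Execute = 2
    Write = 4
    Delete = 8
    ChangePermissions = 16
}

# Basic NTFS permissions expressed as sets of rights (simplified).
$Ntfs = @{
    Read        = [Right]'Read'
    ReadExecute = [Right]'Read, Execute'
    Write       = [Right]'Write'
    Modify      = [Right]'Read, Execute, Write, Delete'
    FullControl = [Right]'Read, Execute, Write, Delete, ChangePermissions'
}
# Share permissions mapped onto the same sets.
$Share = @{ Read = $Ntfs.ReadExecute; Change = $Ntfs.Modify; Full = $Ntfs.FullControl }

function New-Ace {
    param([string]$Principal, [string]$Type, [Right]$Rights, [switch]$Inherited)
    [pscustomobject]@{ Principal = $Principal; Type = $Type; Rights = $Rights; Inherited = [bool]$Inherited }
}

function Get-EffectiveRights {
    param(
        [string[]]$Principals,  # the user plus every group the user belongs to
        [object[]]$Acl
    )
    [int]$granted = 0
    [int]$denied  = 0
    # Evaluation order: explicit deny, explicit allow, inherited deny, inherited allow.
    $ordered = @($Acl | Where-Object { $Principals -contains $_.Principal } |
        Sort-Object -Property @{ Expression = { $_.Inherited } },
                              @{ Expression = { $_.Type -ne 'Deny' } })
    foreach ($ace in $ordered) {
        $bits = [int]$ace.Rights
        if ($ace.Type -eq 'Deny') {
            # A deny only removes rights that an earlier ACE has not already granted.
            $denied = $denied -bor ($bits -band (-bnot $granted))
        } else {
            $granted = $granted -bor ($bits -band (-bnot $denied))
        }
    }
    [Right]$granted   # no matching allow ACE leaves None: the implicit deny
}

# Constructed user: the account name plus its group memberships.
$sam = 'Sam', 'Sales', 'Marketing', 'Users', 'Everyone'

# 1. Allows from different groups accumulate.
$twoGroups = Get-EffectiveRights $sam @(
    (New-Ace Sales Allow $Ntfs.Read),
    (New-Ace Marketing Allow $Ntfs.Modify))

# 2. Explicit allow on a child object is evaluated before the deny inherited from the parent.
$explicitAllow = Get-EffectiveRights $sam @(
    (New-Ace Sam Deny $Ntfs.Write -Inherited),
    (New-Ace Sam Allow $Ntfs.Write))

# 3. An explicit deny beats an explicit allow at the same level.
$explicitDeny = Get-EffectiveRights $sam @(
    (New-Ace Sam Deny $Ntfs.Write),
    (New-Ace Users Allow $Ntfs.Modify))

# 4. Share "Everyone: Read" combined with NTFS "Users: Modify".
$localRights = Get-EffectiveRights $sam @((New-Ace Users Allow $Ntfs.Modify))
$shareRights = Get-EffectiveRights $sam @((New-Ace Everyone Allow $Share.Read))
$overNetwork = [Right]([int]$localRights -band [int]$shareRights)

# 5. No ACE names the user or any of the user's groups.
$noMatch = Get-EffectiveRights $sam @((New-Ace Accounts Allow $Ntfs.FullControl))

@(
    [pscustomobject]@{ Scenario = 'Read from one group, Modify from another'; Effective = $twoGroups }
    [pscustomobject]@{ Scenario = 'Inherited deny Write, explicit allow Write'; Effective = $explicitAllow }
    [pscustomobject]@{ Scenario = 'Explicit deny Write, allow Modify';          Effective = $explicitDeny }
    [pscustomobject]@{ Scenario = 'NTFS Modify, accessed locally';              Effective = $localRights }
    [pscustomobject]@{ Scenario = 'NTFS Modify through a Read share';           Effective = $overNetwork }
    [pscustomobject]@{ Scenario = 'No matching allow entry';                    Effective = $noMatch }
) | Format-Table -AutoSize -Wrap
```

In this model the share's Read permission is represented as Read plus Execute, so the fifth row prints "Read, Execute" for the case the text describes as Read.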
Activity 14-2


Discussing Shared Resource Configuration


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. You are setting up a Windows 10 workstation as a file server for a small office. 


How many computers can connect to the file share at any one time? 


2. What is the significance of a $ symbol at the end of a share name? 


3. What basic NTFS permissions do you need to move a file and to copy a file? 


4. When you set permissions on a folder, what happens to the files and 
subfolders by default? 


5. If a user obtains Read permissions from a share and Deny Write from NTFS
permissions, can the user view files in the folder over the network? 


6. A user is assigned Read permissions to a resource via his user account and Full 
Control via membership of a group. 


What effective permission does the user have for the resource? 
Activity 14-3


Configuring Shared Resources 


BEFORE YOU BEGIN 
Complete this activity by using Hyper-V Manager and the PC1 (Windows 10) and PC2 
(Windows 7) VMs. 


SCENARIO 


In this activity, you will configure the two client VMs as part of a workgroup and 
practice creating users and shares. 


1. Both PC1 and PC2 are joined to a domain. To complete this activity, you need to 
remove PC2 from the domain and join it to the WORKGROUP workgroup. 
a) Start the PC2 VM, and sign on using the account 515support\administrator and 
password Pa$$w0rd 
b) Select Start, right-click Computer, and select Properties. 


c) In the System applet, under Computer name, domain, and workgroup settings,
select Change settings. 


d) In the System Properties dialog box, select the Change button. 

e) Select the Workgroup option button and type WORKGROUP in the box. 
f) Select OK. 

g) At the Computer Name/Domain Name Changes prompt, select OK.


h) In the Windows Security dialog box, enter the user name administrator and the 
password Pa$$w0rd and then select OK. 



Leaving a domain and joining a workgroup in Windows 7—there are a lot of dialog boxes 
to click through! (Screenshot used with permission from Microsoft.) 
i) When you are prompted by the Welcome to the WORKGROUP workgroup dialog
box, select OK, and then select OK again to confirm that a restart is required. 


j) In the System Properties dialog box, select the Close button. 
k) At the Microsoft Windows prompt, select Restart Now.


Configure PC1 to join the workgroup by using the Settings app. 


a) Start the PC1 VM and sign on using the account 515support\administrator and 
password Pa$$w0rd 


b) Select the Start button, and select the Settings icon. 
c) Select Accounts and then select the Access work or school node. 


d) Select Connected to 515support AD domain then select the Disconnect button. 
Confirm the prompt by selecting Yes. 


e) Confirm again by selecting Disconnect. 


f) In the Enter alternate account info box, enter the user name Admin with Pa$$w0rd 
and select OK. 


g) When you are prompted, select Restart now. 


Create a standard user account named Sam on PC2. 

a) Switch to the PC2 VM, and sign on using the account Admin and password Pa$$w0rd 
b) Select Start, right-click Computer, and select Manage. 

c) Expand Local Users and Groups and select the Users folder.

d) Right-click Users and select New User. 


e) In the User name box, type Sam and then type Pa$$w0rd in the Password and
Confirm password boxes. 


f) Uncheck User must change password at next logon, and then select the Create
button. 


g) Select the Close button. 
h) Select Start, then select the arrow on the Shut down button, and select Log off. 


i) Select the Sam user account icon. Type Pa$$w0rd in the password box and then press 
Enter. 


Configure anonymous file sharing on PC1. 

a) Switch to the PC1 VM, and sign on using the account Admin and password Pa$$w0rd 
b) Select the network status icon and select Network & Internet settings. 

c) In the Settings app, select Sharing options.


d) Under Guest or Public, select Turn on network discovery and Turn on file and 
printer sharing. 


e) Expand the All Networks section. 

f) Select Turn off password protected sharing. 
g) Select Save changes. 

h) Leave the Settings app open. 


Examine the changes this setting has made to the Guest account, and observe 
security group memberships. 

a) Right-click Start and then select Computer Management. 

b) Expand Local Users and Groups and select the Users folder. 

c) Observe that the Guest account is enabled. 

d) Select the Groups folder, and observe the built-in groups. 

e) Right-click Guests and select Properties. 

f) Verify that the only member is the Guest user account. 

g) Select Cancel. 

h) Right-click Administrators and select Properties. 


This group contains the built-in Administrator user account. This root-type account 
should not be used. The Admin user was created during setup. 
10.


i) Select Cancel. 
j) Leave the Computer Management console open. 


Create an anonymous read only file share to the C:\LABFILES folder on PC1. 
a) Open File Explorer and browse to the C:\ root folder. 

b) Right-click the LABFILES folder and select Give access to—Specific people. 

c) From the list box, select the Everyone account and select the Add button. 

d) Verify that the permission level defaults to Read. 

e) Select the Share button. 

f) Select Done. 


Test the file share by connecting to it from PC2. 
a) Switch to the PC2 VM. 


b) Open Windows Explorer and browse to the share using its UNC path: \\PC1\LABFILES.


c) Copy a file from the share to your desktop. 
d) Confirm you have read-only permissions by trying to delete a file. 
e) Log off from the PC2 VM. 


Anonymous access is simple to set up, but it is not very secure. In the next part of 
the activity, you will configure password-protected file sharing and explore some 
of the difficulties of managing this in a workgroup. 


Disable anonymous access and test the effect it has on opening the share from 
PC2. 


a) Switch to the PC1 VM. In the Settings app, select Sharing options. 

b) Expand the All Networks section. 

c) Select Turn on password protected sharing. 

d) Select Save changes. 

e) Switch to the Computer Management console and view the Users folder. 
f) Press F5 to refresh the view. 

g) Verify that the Guest account is now disabled. 

h) Leave the Computer Management console open. 

i) Switch to the PC2 VM, and sign back on as Sam 


j) Open Windows Explorer, and browse to the share by using its UNC path \\PC1\LABFILES.


k) Verify that, after a delay, you are prompted to enter credentials. 

l) Try to authenticate by using the user name Sam and password Pa$$w0rd
m) Select Cancel to acknowledge each prompt when this fails. 

n) Close Windows Explorer. 


The Sam user account is local to PC2. PC1 cannot authenticate the account. To
configure password-protected access, create the Sam account on PC1, using
Pa$$w0rd as the password.

a) Switch to the PC1 VM. 

b) Select the Computer Management console. 

c) Right-click Users and select New User. 

d) In the User name box, type Sam

e) Type Pa$$w0rd in the Password and Confirm password boxes. 


f) Uncheck User must change password at next logon, and then select the Create
button. 


g) Select the Close button. 
h) Switch to the PC2 VM. 
i) Open Windows Explorer, and browse to the \\PC1\LABFILES share. 
You should be able to connect this time.


Use PC2 to change Sam's password, and observe the effect on accessing the file 
share. 


Creating user accounts on each PC is not an efficient use of administrators’ time. It is also 
difficult to keep the account credentials in sync. 


a) On the PC2 VM, press Ctrl+Alt+End, and then select Change a password.
b) Set the new password to NotPa$$w0rd
c) Select OK.
d) Log off and log back on (remembering that the password is now NotPa$$w0rd).
e) Open Windows Explorer, and try to browse to the \\PC1\LABFILES share.
f) Verify that after a delay, you are prompted to enter credentials.
g) Provide the current user name and password, and select Cancel for each prompt.
h) Switch to the PC1 VM.
i) In the Computer Management console, right-click the Sam user account and select
Set Password.
j) Observe the warning.
Resetting a password like this can make encrypted files inaccessible.
k) Select Proceed.
l) Set the new password to NotPa$$w0rd and select OK.
m) Select OK at the prompt.
n) Switch to PC2, and verify that you can access the share again.


In the last part of this activity, you will investigate the permissions configured on 
the share. Make the MARKETING subfolder writable by Sam's account. You should 
do this by configuring NTFS permissions (via the folder's Security properties tab). 


a) Switch to the PC1 VM.
b) Open File Explorer, and browse to the C:\LABFILES folder.
c) Right-click the MARKETING folder and select Properties.
d) Select the Security tab.
e) Select the Edit button.
f) In the Permissions for MARKETING dialog box, select the Add button.
g) In the Select Users or Groups dialog box, type sam and then select Check Names.
The name should be resolved to PC1\Sam and be underlined.
h) Select OK.


Note: Remember that this is just the display name. The permission is
configured using the account SID.


i) In the Permissions for MARKETING dialog box, with the Sam account selected in the
top box, in the Permissions for Sam box, check the Allow box for the Modify
permission.


Configuring NTFS permissions. (Screenshot used with permission from Microsoft.)


j) Select OK.
k) In the MARKETING Properties dialog box, select OK.
l) Switch to PC2, and verify that you can delete the file in C:\LABFILES\MARKETING and
create a new file in the folder.




Make sure you understand the permissions that have been configured: 


* The LABFILES parent folder NTFS permissions are set to allow the Everyone group 
read permissions. As Sam is automatically part of the Everyone system group, 
these are the permissions that apply to the files and most of the subfolders when 
Sam tries to access them. 

* The MARKETING subfolder gives Sam explicit Full Control permissions. When 
combining the read permission from the parent and the full control permission 
set here, the most effective permission "wins." This means that Sam has full 
control over objects in the MARKETING subfolder. 


13. If you have time, view the share permissions for the folder, and investigate how 
they interact with NTFS permissions. 


a) Switch to the PC1 VM.
b) In File Explorer, browse to the C:\ root folder.
c) Right-click the LABFILES folder and select Properties.
d) Select the Sharing tab.
e) Select Advanced Sharing.
f) In the Advanced Sharing dialog box, select the Permissions button.
g) In the Permissions for LABFILES dialog box, with the Everyone account selected in
the top box, in the Permissions for Everyone box, uncheck the Allow boxes for Full
Control and Change.


Configuring share permissions. (Screenshot used with permission from Microsoft.)


h) Select OK.
i) In the Advanced Sharing dialog box, select OK.
j) In the LABFILES Properties dialog box, select Close.
k) Switch to PC2, and verify that you cannot delete the file you created in
C:\LABFILES\MARKETING or create another new file in the folder. Cancel any permission
denied error prompts you receive.


Share permissions apply from the root of the share (but only when the file or folder is 
accessed over the network). When combined with NTFS permissions, the most 
restrictive permission applies, which is why this step failed. You can't avoid setting 
share permissions, but really you discount them by setting them to Full Control for all 
valid users and then configuring NTFS permissions to facilitate whatever security 
policy you want to apply. You can use NTFS permissions to configure rights for 
different accounts and have different access levels for individual files and subfolders. 


14. If you have time, switch to the PC1 VM, and view the Shared Folders snap-in in
the Computer Management console.


You can use this console to create and modify shares, view users connected to shares, and
view files opened by users. You can also force open files or sessions to close.


15. At the end of each activity, you need to close the VMs and discard any changes
you made.


a) From the connection window, select Action—Revert. 
b) If you are prompted to confirm, select the Revert button.
c) Repeat these steps to revert the PC2 VM. 
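
The state this activity builds through the GUI (share permissions, NTFS permissions on the shared folder, the Guest account, and connected sessions) can also be read back from PowerShell on the file server before the VMs are reverted. This is an added example, not part of the course files; the list of broad principals and the function name are assumptions.

```powershell
# Added example. Run from an elevated PowerShell session on the computer that
# hosts the shares (PC1 in the activity).

# Principals that cover unauthenticated or all users (assumed list).
$broad = 'Everyone', 'BUILTIN\Guests', 'NT AUTHORITY\ANONYMOUS LOGON'
$writeBit = [int][System.Security.AccessControl.FileSystemRights]::WriteData

function Get-ShareAclReport {
    # Skip administrative shares (C$, ADMIN$, IPC$) and shares without a folder path.
    foreach ($share in (Get-SmbShare | Where-Object { -not $_.Special -and $_.Path })) {
        foreach ($ace in (Get-SmbShareAccess -Name $share.Name)) {
            [pscustomobject]@{
                Share     = $share.Name
                Layer     = 'Share'
                Principal = $ace.AccountName
                Type      = [string]$ace.AccessControlType
                Rights    = [string]$ace.AccessRight
                Inherited = $null
                CanWrite  = ([string]$ace.AccessRight) -in 'Full', 'Change'
                Broad     = $broad -contains $ace.AccountName
            }
        }
        $acl = Get-Acl -LiteralPath $share.Path
        foreach ($ace in $acl.Access) {
            [pscustomobject]@{
                Share     = $share.Name
                Layer     = 'NTFS'
                Principal = $ace.IdentityReference.Value
                Type      = [string]$ace.AccessControlType
                Rights    = [string]$ace.FileSystemRights
                Inherited = $ace.IsInherited
                CanWrite  = (([int]$ace.FileSystemRights) -band $writeBit) -ne 0
                Broad     = $broad -contains $ace.IdentityReference.Value
            }
        }
    }
}

$report = Get-ShareAclReport
$report | Sort-Object Share, Layer |
    Format-Table Share, Layer, Principal, Type, Rights, Inherited -AutoSize

# Over the network the most restrictive layer applies, so a broad principal can
# change data only where BOTH the share and the NTFS permissions allow writing.
$report | Where-Object { $_.Broad -and $_.Type -eq 'Allow' -and $_.CanWrite } |
    Group-Object Share |
    Where-Object { @($_.Group.Layer | Sort-Object -Unique).Count -eq 2 } |
    ForEach-Object { "Share '$($_.Name)': a broad principal can write at both layers" }

# Turning off password protected sharing enables the built-in Guest account
# (relative ID 501), as observed in the activity.
Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-501' } |
    Select-Object Name, Enabled

# Equivalent of the Shared Folders snap-in: who is connected and what is open.
Get-SmbSession  | Select-Object ClientComputerName, ClientUserName, NumOpens
Get-SmbOpenFile | Select-Object ClientComputerName, ClientUserName, Path
```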
Topic C


Configure Active Directory Accounts and Policies


EXAM OBJECTIVES COVERED
1002-1.4 Given a scenario, use appropriate Microsoft command line tools.


1002-1.8 Given a scenario, configure Microsoft Windows networking on a client/desktop. 
1002-2.2 Explain logical security concepts. 
1002-2.7 Given a scenario, implement security best practices to secure a workstation. 


So far in this lesson, you have managed users and shared resources from a single 
computer. If you are part of a large organization, you would quickly find that this is a 
very inefficient way to configure resources. On a network, you can use something 
called directory-based tools to manage users, groups, and folders. 


WINDOWS ACTIVE DIRECTORY DOMAINS 


Windows networking provides two kinds of user account: local and domain. Local 
accounts are stored in the Local Security Accounts database known as the Security 
Account Manager (SAM), stored in the registry, as a subkey of 
HKEY_LOCAL_MACHINE. These accounts are local to the machine and cannot be 
accessed from other computers. If a user needs access to multiple computers in a 
workgroup environment, then each computer will need to hold a relevant user 
account. 


Domain accounts are stored in the Active Directory (AD) on a Windows Server 
Domain Controller (DC). These accounts can be accessed from any computer joined 
to the domain. Only domain administrators can create these accounts. 


ACTIVE DIRECTORY COMPONENTS 


Active Directory is a complex service, with many components. Some of the 
components that you will encounter as an A+ technician include domain controllers, 
member servers, and organizational units. 


DOMAIN CONTROLLERS 
A domain is the basic administrative building block in Windows client/server
networking. To create a domain, you need one or more Windows servers configured as
domain controllers.


The domain controllers store a database of network information called Active 
Directory. This database stores user, group, and computer objects. The domain 
controllers are responsible for providing authentication services to users as they 
attempt to log on to the network.


The servers are controlled by network administrators, who also define client 
computers and users permitted to access resources. This network model is centralized, 
robust, scalable, and secure. 


Active Directory security accounts are stored and managed from a domain controller. (Image © 
123RF.com.) 


MEMBER SERVERS 

Member servers are any server-based systems that have been configured into the 
domain, but do not maintain a copy of the Active Directory database and are, 
therefore, unable to provide logon services. Because the user validation process 
consumes resources, most servers are configured as member servers rather than 
domain controllers. They will provide file and print and application server services 
(such as Exchange for email or SQL Server for database or line-of-business 
applications). 


ORGANIZATIONAL UNITS 

Organizational Units (OUs) provide a way of dividing a domain up into different 
administrative realms. You might create OUs to delegate responsibility for 
administering different company departments or locations. For example, a "Sales" 
department manager could be delegated control with rights to add, delete, and modify 
user accounts but no rights to change account policies, such as requiring complex 
passwords or managing users in the "Accounts" OU. 


DOMAIN MEMBERSHIP 


To fully participate in the benefits of an Active Directory domain, client computers
must become members of the domain. Domain membership means:

* The computer has a computer account object within the directory database.

* Computer users can log on to the domain with domain user accounts.

* The computer and its users are subject to centralized domain security,
configuration, and policy settings.

* Certain domain accounts automatically become members of local groups on the
computer.

* Client computers within the domain allow users to access the network's services.

In Windows 7, Windows 8/8.1, and Windows 10, you can use the System Properties
dialog box to join a domain. On a Windows 10 PC, you can also use the Settings app to
join a domain.


Joining a domain using the Settings app in Windows 10. (Screenshot used with permission from 
Microsoft.) 


Note: The other option is to join an Azure Active Directory. Azure is essentially a cloud- 
hosted version of AD. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information
and job aids on How to Join a Domain.


DOMAIN SIGN-IN 


To use services in the domain, the user must sign into the PC using a domain account. 
The Other user option in the sign in screen will provide a domain option if it is not the 
default. You can also enter a username in the format Domain\UserName to specify a 
domain login. 


Signing into a domain. (Screenshot used with permission from Microsoft.) 


GROUP POLICY OBJECTS 


On a standalone workstation, security policies for the local machine and for local 
accounts are configured via the Local Security Policy or Local Group Policy snap-in. 
In an AD domain, they can be configured via Group Policy Objects (GPOs). GPOs are a 
means of applying security settings (as well as other administrative settings) across a 
range of computers and users. GPOs are linked to network administrative boundaries 
in Active Directory, such as domains and OUs. 


GPOs can be used to configure software deployment, Windows settings, and, through 
the use of Administrative Templates, custom Registry settings. Settings can also be 
configured on a per-user or per-computer basis. 

A system of inheritance determines the Resultant Set of Policies (RSoPs) that apply 
to a particular computer or user. GPOs can be set to override or block policy 
inheritance where necessary. 

Windows ships with default security templates to provide the basis for GPOs 
(configuration baselines). These can be modified using the Group Policy Editor or 
Group Policy Management Console (GPMC). GPOs can be linked to objects in Active 
Directory using the object's property sheet. 
Group Policy Management. (Screenshot used with permission from Microsoft.)


SECURITY POLICY UPDATES 


When updating local or group security policies, it is important to be familiar with the 
use of two command-line tools: 


* gpupdate: policies are applied at log on and refreshed periodically (normally
every 90 minutes). The gpupdate command is used to apply a new or changed
policy to a computer immediately whereas gpupdate /force causes all
policies (new and old) to be reapplied. The gpupdate command can be used
with /logoff or /boot to allow a sign-out or reboot if the policy setting requires
it.

* gpresult: displays the RSoP for a computer and user account. When run
without switches, the current computer and user account policies are shown.
The /s, /u, and /p switches can be used to specify a host (by name or IP address),
user account, and password.


BASIC AD FUNCTIONS 


Windows Server versions are quite similar to their desktop equivalent, so Windows 
Server 2016 shares many of the features of Windows 10. In Windows Server, the 
Server Manager app provides a single location where you can access server 
management tools. When you install Active Directory on a server, several management 
consoles are added to the Tools menu in Server Manager. 
Accessing the AD management consoles via Server Manager. (Screenshot used with permission from
Microsoft.) 


Note: Logging in locally to the server is burdensome and an increased security risk. More 
typically, you will install the Remote Server Administration Tools (RSATs) to your local 
computer to connect to the server to make changes. 


ACCOUNT CREATION AND DELETION 


The Active Directory Users and Computers console allows you to manage users, 
groups, and Organizational Units. By default, there are some existing containers and 
OUs to store some of the default accounts created when AD is installed. You can create 
more OUs to store accounts in. You can use OUs to store accounts that have a similar 
security or administrative profile. 


To create a new user account, right-click in the container or OU where you want to 
store the account and select New—User. 


Complete the username fields then in the next dialog box, choose an initial password. 
The default option is to force the user to select a new password at first sign in. 


You can delete a user account by right-clicking the object and selecting Delete. 
Deleting an account is not easy to reverse, though AD does now support a Recycle Bin 
feature. In many circumstances, it may be more appropriate to disable an account. 
Once an account is disabled, the user is denied access to the network until the 
administrator re-enables the account. 
Creating a new user account in AD. (Screenshot used with permission from Microsoft.)




Access the Checklist tile on your CHOICE Course screen for reference information
and job aids on How to Create and Delete Domain Accounts.


LOGON SCRIPTS 


Logon scripts, also known as login scripts or sign-in scripts, run when a user logs on to 
a computer. User logon scripts can be assigned to users as part of a group policy. 
Logon scripts can be used to configure the environment for the user—setting 
environmental variables, setting a home folder, mapping drives to specific server- 
based folders, and mapping to printers or other resources, for example. A logon script 
can also be used to ensure that the client meets the security requirements for signing 
on to the network. For example, if the client has out-of-date software, logon can be 
denied until the software is updated. 


If possible, assign logon scripts to the largest number of users that need the same 
configuration. A script can be assigned at the domain level, the OU level, or security 
group level. If a user requires additional or different settings, a logon script can be 
created for individual users, but that is one more item to maintain. 


Access the Checklist tile on your CHOICE Course screen for reference information
and job aids on How to Manage Logon Scripts.


HOME FOLDER 


A home folder is a private network storage area located in a shared network server 
folder in which users can store personal files. The home folder can be created for 
domain users through the Active Directory Users and Computers tool. Using home 
folders, administrators can more easily create backups of user files because all of the 
files are located in one place on a file server. If the administrator doesn't assign a 
home folder location, the computer will automatically use the Documents folder 
location as the default home folder. 
The home folder is configured as a Profile property for a user. (Screenshot used with permission from
Microsoft.) 




Access the Checklist tile on your CHOICE Course screen for reference information
and job aids on How to Create Home Folders.
FOLDER REDIRECTION


By default, user settings and data files are stored in a local user profile located in the 
Users folder. Users who work on more than one computer will have a separate
profile on each computer, and the data files stored on the first computer are not
available on the second computer. Microsoft created a couple of technologies to deal
with this issue. One is folder redirection and the second is roaming profiles. Folder 
redirection allows an administrative user to redirect the path of a local folder (such as 
the user's home folder) to a folder on a network share. Roaming profiles redirect user 
profiles to a network share as well. By using both folder redirection and roaming 
profiles, the user's data and profile information is available when the user logs into any 
computer on the network where the network share is located. 


BENEFITS OF USING FOLDER REDIRECTION 

By having folders redirected from local storage to network storage, administrators can 
back up user data while backing up network data folders. This ensures that user data is 
being backed up without relying on users to back up their data. 


Another benefit is that, by using folder redirection with roaming profiles and the 
offline files feature, users can access network files even if the network is unavailable, 
network access is slow, or they are working offline. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Configure Folder Redirection. 


ACCOUNT LOCKS AND PASSWORD RESETS 


If a user account violates a security policy, such as an incorrect password being 
entered repeatedly, it may be locked against further use. The account will be 
inaccessible until it is unlocked by setting the option in the Properties dialog box on 
the Account tab. 


Using the Properties dialog box to unlock a user account. (Screenshot used with permission from 
Microsoft.) 


If a user forgets a password, you can reset it by right-clicking the account and selecting 
Reset Password. You can use this dialog as another way to unlock an account too. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Access the Checklist tile on your CHOICE Course screen for reference information 
and job aids on How to Unlock Domain Accounts and Reset Passwords. 


Activity 14-4 


Discussing Active Directory Account 
and Policy Configuration 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What type of computer stores Active Directory account information? 


2. What are the prerequisites for joining a computer to a domain? 


3. True or false? If you want the same policy to apply to a number of 
computers within a domain, you could add the computers to the same 
Organizational Unit (OU) and apply the policy to the OU. 


4. What is the difference between the gpupdate and gpresult commands? 


5. In Active Directory, what are the options for running a script each time the 
user logs on? 


6. How do you unlock an AD user account? 


Activity 14-5 


Configuring Active Directory Accounts 
and Policies 


BEFORE YOU BEGIN 

In this activity, you will configure accounts and settings on servers and clients within an 
Active Directory (AD) domain. Take a moment to review the VMs available on the local 
network. 


Network environment for the activity. (Diagram: the PC2, PC1, MS1, and DC1 VMs attached 
to the vLOCAL switch; the networks labeled are 172.16.0.0/30 and 10.1.0.0/24.) 


There are two Windows Server VMs. The DC1 VM is running Active Directory and DNS 
and has the IP address 10.1.0.1. The MS1 VM is running DHCP and has the static 
address 10.1.0.2. The PC1 and PC2 VMs are the Windows 10 and Windows 7 client 
workstations. Their addresses are dynamically assigned by the DHCP server from the 
range 10.1.0.101 to 10.1.0.109. 


SCENARIO 


In this activity, you will look at some of the features of a Windows domain server-based 
network by configuring a user account, GPO, and folder redirection. 


1. Start the VMs to create the network. You do not need to open connection 
windows for the VMs unless prompted. 
a) In Hyper-V Manager, right-click RT1-LOCAL and select Start. 
b) Right-click DC1 and select Start. 
c) Wait until the DC1 thumbnail shows the logon screen, and then start MS1. 
d) Wait until the MS1 thumbnail shows the logon screen, and then start PC1 and PC2. 
e) Open a connection window for PC1. 
f) Sign on using the account 515support\Administrator and password Pa$$w0rd 


2. Investigate the domain's DNS suffix, and test connectivity with the Domain 
Controller. 


a) Point to the network status icon. 


The tooltip should identify the connection as corp.515support.com. This is the DNS 
suffix for the domain. 


Checking the network status. (Screenshot used with permission from Microsoft.) 


Using a subdomain such as corp (ad is also popular, but any label can be used) is one 
way of configuring the namespace for the local AD network. Some companies use the 
same domain name (515support.com) internally and externally. Users only need to 
use the "simple" domain label (515support) to sign on. 


b) Open a command prompt. Run the command hostname. 
This reports the local machine's name (PC1). 
c) Run ipconfig and record the "Connection-specific DNS Suffix" parameter. 
d) Run the following command: ping pc1 
The command automatically appends the DNS suffix to the hostname to use the Fully 
Qualified Domain Name (FQDN) of pc1.corp.515support.com. 
e) Run the following command: ping dc1 
The test should be successful. 
f) Close the command prompt. 


3. The PC1 VM has been installed with the Remote Server Administration Tools 
(RSAT). These allow administrators to configure the domain without having to sign 
on to the DC locally. Use RSAT to view the domain's DNS server, running on DC1. 
a) On PC1, select Start—Windows Administrative Tools—DNS. 


b) In the Connect to DNS Server dialog box, select The following computer. Type dc1 
and select OK. 
c) In the DNS console, expand dc1—Forward Lookup Zones—corp.515support.com. 


A Forward Lookup Zone is a list of host names mapped to IP addresses. You can see 
automatically registered A host records for each VM in the zone. The record contains 
the IPv4 address assigned by DHCP. Each host name is appended with the domain 
suffix (corp.515support.com) to create a Fully Qualified Domain Name (FQDN). The 
servers also have IPv6 (AAAA) host records. 


Viewing DNS records. (Screenshot used with permission from Microsoft.) 


The updates alias record (CNAME) enables a host to be accessed by using a different 
label. 


d) Start the web browser and open updates.corp.515support.com. 
A web page showing the company's update portal is returned. 


e) Switch back to the DNS console, and open the _tcp folder. 
This is one of the folders containing records that support Windows domain services. 


Clients use these service records to sign on and query the directory. There is a record 
for LDAP (Lightweight Directory Access Protocol). 


f) Close all open windows on the PC1 VM. 


4. Use RSAT to create a new domain user account called David, and then add David 
to the Sales security group (this has been created for you already). 

a) On the PC1 VM, select Start—Windows Administrative Tools—Active Directory 
Users and Computers. 

b) In the left pane, expand corp.515support.com—Users. 

c) Right-click Users and select New— User. 

d) In the New Object - User dialog box, in the First name box, type David 

e) In the User logon name box, type david and then select Next. 

f) In the Password and Confirm password boxes, type Pa$$w0rd 


g) Clear the User must change password at next logon box and check the Password 
never expires box. Select Next and then select Finish. 


h) In Active Directory Users and Computers, in the main pane, right-click the David 
user account and select Add to a group. 


i) In the Enter the object names box, type sales then select the Check Names button. 


The name should be underlined to show that it has been matched to a valid Active 
Directory object. 


j) Select OK, then confirm the prompt by selecting OK again. 
k) Observe that the Users folder contains both user and security group accounts. 
Observe some of the built-in Active Directory security groups, such as Domain 
Admins and Domain Users. 
l) Locate the Sales security group account. Right-click it and select Properties. Inspect 
the Members and Member Of tabs. 
Security groups can both contain user and group accounts and be members of other 
group accounts. This nesting allows sophisticated permissions systems to be 
implemented. 
m) Select Cancel. 
In this example, using a group hasn't saved much time. But if you imagine a sales 
department with a few hundred users who all need the same permissions to be 
allocated, you can understand why using groups is more efficient and secure than 
allocating permissions directly to user accounts. 
n) View the ComputersOU and Domain Controllers folders. These are Organizational 
Unit (OU) containers. They contain the accounts for the domain-joined computers. 
The DC is in a separate container to the other computers. This means it is easy to 
apply different policies to it. Most networks would have separate containers for 
member servers and client computers too (or even more subdivisions). 


5. Create a shared folder on MS1 called HOME, and configure the share permissions 
to give Full Control to the Everyone group. 
a) Open a connection window for MS1. 
b) Sign on using the account 515support\Administrator and password Pa$$w0rd. 
c) Open File Explorer, and create a folder named HOME in the C:\ root folder. 
d) Right-click the HOME folder and select Properties. 
e) Select the Sharing tab and then select the Advanced Sharing button. 
f) Check the Share this folder box and then select the Permissions button. 
g) With Everyone selected, check the Allow box for Full Control. 


Configuring shared folder permissions. (Screenshot used with permission from Microsoft.) 


h) Select OK. 
i) In the Advanced Sharing dialog box, select OK. Leave the HOME Properties dialog 
box open. 


6. To allow the redirection process to copy each user's folders and keep them 
private to each user, you need to configure specific permissions on the parent 
folder and disable inheritance. 

a) In the HOME Properties dialog box, select the Security tab and then select the 
Advanced button. 

b) In the Advanced Security Settings for HOME dialog box, select the Disable 
inheritance button. 

c) At the prompt, select Convert inherited permissions into explicit permissions on 
this object. 
This "detaches" the HOME folder from inheriting permission from the C:\ parent 
folder. 

d) Select each Users (MS1\Users) entry and select Remove. 


Configuring NTFS permissions on the share. (Screenshot used with permission from 
Microsoft.) 


e) Select the Add button. 
f) In the Permission entry for HOME dialog box, select the Select a principal link. 
g) In the Select Users or Groups dialog box, type authenticated users in the box and 
select Check Names. 
h) Select OK. 
i) From the Applies to box, select This folder only. 
j) Select Show advanced permissions. 
k) Change the selections so that only the following are checked: Traverse folder / 
execute file, Read attributes, and Create folders / append data. 


Configuring an NTFS permission entry on the share. (Screenshot used with permission from 
Microsoft.) 


l) Select OK. 
The effect of these permissions is to allow an authenticated user to create folders 
within HOME. The folders that get created will NOT inherit these permissions and so 
will be created with default permissions (full control for the user that created the 
folder). 
m) In the Advanced Security Settings for HOME dialog box, select OK. 
n) In the HOME Properties dialog box, select Close. 


7. Create a logon script to map the folder \\DC1\LABFILES as the L: drive. 
a) Switch to the PC1 VM. 
b) Use the desktop icon to start Notepad++. 
c) Enter the following command: net use L: \\DC1\LABFILES /persistent:yes 
d) Select File—Save. In the left pane, select Desktop. In the File name box, type 
map.bat and then select the Save button. 


8. Create a GPO to run the script, and attach the GPO to the domain. 
a) On the PC1 VM, right-click the map file on the desktop and select Copy. 
b) Select Start—Windows Administrative Tools—Group Policy Management. 
c) Expand Forest—Domains—corp.515support.com. Right-click corp.515support.com 
and select Create a GPO in this domain, and Link it here. 
d) In the New GPO dialog box, in the Name box, type 515 Support Logon Policy. Select 
OK. 
e) Right-click 515 Support Logon Policy and select Edit. 
f) In the Group Policy Management Editor window, expand User 
Configuration—Policies—Windows Settings and select Scripts. Double-click Logon. 
g) In the Logon Properties dialog box, select the Show Files button. 
h) Right-click in the Explorer window and select Paste to copy the map file to the folder; 
then, close the Explorer window. 
i) In the Logon Properties dialog box, select the Add button. In the Add a Script dialog 
box, select the Browse button. Select map and select Open. 
j) Select OK in the Add a Script dialog box and in the Logon Properties dialog box. 


9. Configure the folder redirection policy within the current GPO. 
a) In the Group Policy Management Editor window, expand User 
Configuration—Policies—Windows Settings— Folder Redirection. 
b) Right-click Documents and select Properties. 
c) In the Documents Properties dialog box, from the Setting list box, select Basic - 
Redirect everyone's folder to the same location. 
d) In the Root path box, type \\MS1\HOME 
e) Select OK. Confirm the prompt by selecting Yes. 


10. Test the new policy using the current account on PC1. 
a) On the PC1 VM, open File Explorer. 
b) Copy some of the files from C:\LABFILES into the Documents folder. 
c) Open a command prompt and run gpupdate 
Note the message: you must log off and log back on for folder redirection to be 
applied. 
d) Sign out from PC1. 
e) Select Other user. Use the user name 515support\administrator and Pa$$w0rd as 
the password. 
You might notice that sign on seems slower than before. This is because the files you 
copied to Documents are being moved to the \\MS1\HOME share. 
f) Open File Explorer and observe the Sync icon on the Documents folder. 


Folder redirection applied to the Documents folder. (Screenshot used with permission from 
Microsoft.) 


g) Open the Sync Center from Control Panel. Are there any errors? 
You will likely see a Status of Ready for first sync. 


11. Test the new policy by using the David account on PC2. 
a) Open a connection window for the PC2 VM, and sign in using the account name David 
and password Pa$$w0rd 
b) Open Explorer and verify that the L: drive is mapped to \\DC1\LABFILES. 
c) Open the Documents library, and verify that the My Documents folder is set up to 
sync. Test that you can create and edit a new file in the folder. 


12. Optionally, switch to the MS1 VM, and examine the contents of HOME. 


You should see folders for Administrator and David. You will not be able to view the 
contents of these folders because the redirection policy gave users exclusive access. 


13. At the end of each activity, you need to close the VMs. You will always discard any 
changes you made. 
a) From the connection window, select Action—Revert. 
b) If prompted, select the Revert button to confirm. 


c) On the HOST, in the Hyper-V Manager console, right-click each VM that is still 
running and select Revert. At the end of the activity, the state of each VM should be 
listed as Off. 


Summary 


In this lesson, you managed user accounts, workstations, and shared resources. These 
administrative tasks are critical knowledge for any A+ technician. 


What experiences do you have in working with any of the technologies discussed 
in this lesson? 


Which AD configuration task do you expect to perform most often in your 
workplace? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 


Lesson 15 


Security Concepts 


LESSON INTRODUCTION 


So far in this course, you have installed and configured PC hardware and software and network 
devices. Another facet of a CompTIA® A+® technician's duties involves protecting organizational 
computing assets from attacks. In this lesson, you will identify security threats and vulnerabilities, 
plus some of the logical and physical controls used to mitigate them. 


In today's work environment, cybersecurity is everyone's responsibility. As an A+ technician, you 
are in the position to identify potential security issues before they become big problems. By 
identifying security threats and vulnerabilities, as well as some of the controls that can counteract 
them, you can help keep your organization's computing resources safe from unauthorized access. 


LESSON OBJECTIVES 


In this lesson, you will: 
* Describe logical security concepts. 
* Describe physical security threats and vulnerabilities. 
* Describe physical security controls. 


Topic A 


Logical Security Concepts 


EXAM OBJECTIVES COVERED 
1002-2.2 Explain logical security concepts. 
1002-2.7 Given a scenario, implement security best practices to secure a workstation. 


Logical security refers to the idea that any information or data that is created, stored, 
and transmitted in digital form is secured to the desired level. This concept applies to 
many components of the digital world, such as the Internet, cloud-based computing, 
networks, mobile devices, tablets, laptops, and standard desktop computers. 


SECURITY BASICS 


Security is the practice of controlling access to something (a resource). Security is 
always balanced against accessibility; restricting access makes a resource better 
protected but also less usable. Secure information has three properties, often referred 
to as the CIA triad: 


* Confidentiality—this means that certain information should only be known to 
certain people. 

* Integrity—this means that the data is stored and transferred as intended and that 
any modification is authorized. 

* Availability—this means that information is accessible to those authorized to view 
or modify it. 


Security policies ensure that an organization has evaluated the risks it faces and has 
put in place controls to mitigate those risks. Making a system more secure is also 
referred to as hardening it. Different security policies should cover every aspect of an 
organization's use of computer and network technologies, from procurement and 
change control to acceptable use. 


SECURITY CONTROLS 


Security controls are safeguards or prevention methods to avoid, counteract, or 
minimize security risks relating to personal or company property. For example, a 
firewall is a type of security control because it controls network communications by 
allowing only traffic that has specifically been permitted by a system administrator. 
Security controls can be classified by several criteria, such as by the time that they act 
relative to a security incident, according to their nature, or by people, technology, and 
operations/processes. There are different classification schemes, but one way to 
understand the types of security controls is to consider the following classes: 


* Physical controls such as fences, doors, locks, and fire extinguishers. 

* Procedural controls such as incident response processes, management oversight, 
security awareness, and training. 

* Logical controls such as user authentication (login) and software-based access 
controls, antivirus software, and firewalls. 

* Legal and regulatory or compliance controls such as privacy laws, policies, and 
clauses. 


LOGICAL SECURITY CONTROLS 

Logical security refers to controls implemented in software to create an access 
control system. The overall operation of an access control system is usually described 
in terms of three functions, referred to as the AAA triad: 


* Authentication means one or more methods of proving that a user is who she/he 
says she/he is. 

* Authorization means creating one or more barriers around the resource such that 
only authenticated users can gain access. Each resource has an access control list 
specifying what users can do. Resources often have different access levels; for 
example, being able to read a file or being able to read and edit it. 

* Accounting means recording when and by whom a resource was accessed. 


IMPLICIT DENY AND LEAST PRIVILEGE 


Logical security is founded on the principle of implicit deny. Implicit deny means that 
unless there is a rule specifying that access should be granted, any request for access 
is denied. This level of minimal access includes facilities, computing hardware, 
software, and information. 


This principle can be seen clearly in firewall policies. A firewall filters access requests 
using a set of rules. The rules are processed in order from top-to-bottom. If a request 
does not fit any of the rules, it is handled by the last (default) rule, which is to refuse 
the request. 
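

The rule processing described above can be sketched in a few lines of Python. This is an 
added example, not part of the original course material: the rule set is constructed, 
reusing the 10.1.0.0/24 addresses from the activity lab, and the names Rule, evaluate, 
and shadowed_rules are hypothetical. It also reports rules that can never be reached 
because an earlier rule already matches the same traffic. 

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Rule:
    """One firewall rule (hypothetical structure for this example)."""
    action: str            # "allow" or "deny"
    src: str               # source network, CIDR notation
    dst: str               # destination network, CIDR notation
    protocol: str          # "tcp", "udp" or "any"
    port: Optional[int]    # destination port; None means any port

    def matches(self, src_ip: str, dst_ip: str, protocol: str, port: int) -> bool:
        return (
            ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst)
            and self.protocol in ("any", protocol)
            and self.port in (None, port)
        )

    def covers(self, other: "Rule") -> bool:
        """True if every request that matches `other` also matches this rule."""
        return (
            ipaddress.ip_network(other.src).subnet_of(ipaddress.ip_network(self.src))
            and ipaddress.ip_network(other.dst).subnet_of(ipaddress.ip_network(self.dst))
            and self.protocol in ("any", other.protocol)
            and self.port in (None, other.port)
        )


# Constructed rule set: DC1 is 10.1.0.1, MS1 is 10.1.0.2, clients are in 10.1.0.0/24.
RULES = [
    Rule("allow", "10.1.0.0/24", "10.1.0.1/32", "udp", 53),    # DNS to DC1
    Rule("allow", "10.1.0.0/24", "10.1.0.1/32", "tcp", 389),   # LDAP to DC1
    Rule("allow", "10.1.0.0/24", "10.1.0.2/32", "tcp", 445),   # file sharing to MS1
    Rule("deny", "10.1.0.101/32", "10.1.0.2/32", "tcp", 445),  # too late: see rule 2
]


def evaluate(rules: List[Rule], src_ip: str, dst_ip: str,
             protocol: str, port: int) -> Tuple[str, Optional[int]]:
    """Process rules top to bottom; the first match decides.

    Returns (action, index of the matching rule). When no rule matches, the
    implicit deny applies and the index is None.
    """
    for index, rule in enumerate(rules):
        if rule.matches(src_ip, dst_ip, protocol, port):
            return rule.action, index
    return "deny", None  # implicit deny: nothing granted access


def shadowed_rules(rules: List[Rule]) -> List[Tuple[int, int]]:
    """Find rules that can never fire because an earlier rule covers them.

    Returns (shadowed index, index of the earlier covering rule) pairs.
    """
    found = []
    for later in range(len(rules)):
        for earlier in range(later):
            if rules[earlier].covers(rules[later]):
                found.append((later, earlier))
                break
    return found


if __name__ == "__main__":
    requests = [
        ("10.1.0.101", "10.1.0.1", "udp", 53),    # permitted by rule 0
        ("10.1.0.101", "10.1.0.1", "tcp", 3389),  # no rule: implicit deny
        ("172.16.0.1", "10.1.0.2", "tcp", 445),   # outside source range: implicit deny
        ("10.1.0.101", "10.1.0.2", "tcp", 445),   # allowed by rule 2, deny rule 3 unused
    ]
    for request in requests:
        print(request, "->", evaluate(RULES, *request))
    print("shadowed rules:", shadowed_rules(RULES))
```

Because the first match wins, a specific deny has to be placed above any broader allow 
that covers the same traffic. 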


A complementary principle is that of least privilege. This means that a user should be 
granted rights necessary to perform their job and no more. 


Note: These principles apply equally to users (people) and software processes. Much 
software is written without regard to the principles of implicit deny and least privilege, 
making it less secure than it should be. 


ENCRYPTION 


Many logical security controls depend to some extent on the use of encryption 
technologies. Encryption is an ancient technique for hiding information. Someone 
obtaining an encrypted document cannot understand that information unless they 
possess a key. The use of encryption allows sensitive data to travel across a public 
network, such as the Internet, and remain private. If the data packets were intercepted 
and examined, the content would be unreadable. 


The use of encryption and other digital security techniques provides users with three 
important security requirements on computer networks: confidentiality, integrity, and 
authentication. There are three principal types of cryptographic technology: symmetric 
encryption, asymmetric encryption, and cryptographic hashing. These all have different 
roles in achieving the goals of confidentiality, integrity, and/or authentication. Often 
two or more of these three different types are used together in the same product or 
technology. 


SYMMETRIC ENCRYPTION 


In symmetric encryption, a single secret key is used to both encrypt and decrypt data. 
The secret key is so-called because it must be kept secret. If the key is lost or stolen, 
the security is breached. 


Note: Symmetric encryption is also referred to as single-key or private-key. Note that 
"private key" is also used to refer to part of the PKI process (discussed shortly), so take 
care not to confuse the two uses. 


The main problem with symmetric encryption is secure distribution and storage of the 
key. This problem becomes exponentially greater the more widespread the key's 
distribution needs to be. The main advantage is speed, as symmetric key encryption is 
less processor intensive than asymmetric encryption. 


Symmetric encryption is used to encode data for storage or transmission over a 
network. The most widely used symmetric encryption technology (or cipher) is the 
Advanced Encryption Standard (AES). Older ciphers such as Data Encryption Standard 
(DES/3DES) and Rivest Cipher (RC) have known weaknesses that make them less 
suitable for use in modern security systems. 


One of the principal measures of the security of an encryption cipher is the size of the 
key. Early ciphers used between 32- and 64-bit keys. Currently, 1024-bit keys would be 
selected for general use, with larger keys required for highly sensitive data. The larger 
the key, however, the more processing is required to perform encryption and 
decryption. 


ASYMMETRIC ENCRYPTION 


In asymmetric encryption, if a public key is used to encrypt data, only a mathematically 
related private key can be used to decrypt it. The private key must be kept a secret 
known only to a single subject (user or computer). The public key can be widely and 
safely distributed to anyone with whom the subject wants to communicate, because 
the private key cannot be derived from the public key. Also, the public key cannot be 
used to decrypt a message that it has just encrypted. 


Note: A key pair can be used the other way around. If the private key is used to encrypt 
something, only the public key can then decrypt it. The point is that one type of key 
cannot reverse the operation it has just performed. 


Asymmetric encryption is mostly used for authentication technologies, such as digital 
certificates and digital signatures, and key exchange. Key exchange is where two hosts 
need to know the same symmetric encryption key without any other host finding out 
what it is. Symmetric encryption is much faster than asymmetric, so it is often used to 
protect the actual data exchange in a session. Asymmetric encryption is more complex, 
taking longer for a computer to process, and so typically only used on small amounts 
of data, such as the authentication process to set up the session. 


Most asymmetric encryption technologies use the RSA cipher, named after its 
designers Ron Rivest, Adi Shamir, and Leonard Adleman. 


CRYPTOGRAPHIC HASHES 


A hash is a short representation of data. A hash function takes a variable-length 
string (text) as input and produces a fixed-length value (32-bit, for instance) as output. 
A cryptographic hash makes it impossible to recover the original string from the hash 
value. This technique can be used to prove that a message has not been tampered 
with (integrity). For example, when creating a digital signature, the sender computes a 
cryptographic hash of the message and then encrypts the hash with his or her private 
key. When the recipient receives the message and decrypts the hash, the recipient 
computes its own hash of the message and compares the two values to confirm they 
match. Cryptographic hashes are also used for secure storage of data where the 
original meaning does not have to be recovered (passwords for instance). 
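

The properties described above, shown with Python's standard hashlib module. This is an 
added example, not part of the original course material; the function names, the sample 
inputs, and the choice of SHA-256 with salted PBKDF2 for password storage are 
assumptions made for the illustration. 

```python
import hashlib
import hmac
import os

# Assumption for this example: work factor for the password hash. Higher values
# make each guess slower for someone who obtains the stored records.
PBKDF2_ITERATIONS = 200_000


def sha256_hex(data: bytes) -> str:
    """Fixed-length output: always 64 hex characters, whatever the input size."""
    return hashlib.sha256(data).hexdigest()


def bits_changed(a: bytes, b: bytes) -> int:
    """Count how many of the 256 digest bits differ between two inputs."""
    digest_a = int.from_bytes(hashlib.sha256(a).digest(), "big")
    digest_b = int.from_bytes(hashlib.sha256(b).digest(), "big")
    return bin(digest_a ^ digest_b).count("1")


def is_unmodified(received: bytes, published_hex: str) -> bool:
    """Integrity check: recompute the hash and compare it to the expected value.

    The expected value must arrive by a route an attacker cannot change (for
    example inside a digital signature); otherwise both can be replaced together.
    """
    return hmac.compare_digest(sha256_hex(received), published_hex.lower())


def store_password(password: str) -> dict:
    """Build the record to keep in place of the password itself.

    A random salt means two users with the same password get different hashes.
    """
    salt = os.urandom(16)
    derived = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return {
        "salt": salt.hex(),
        "iterations": PBKDF2_ITERATIONS,
        "hash": derived.hex(),
    }


def check_password(attempt: str, record: dict) -> bool:
    """Hash the attempt with the stored salt and compare; nothing is decrypted."""
    derived = hashlib.pbkdf2_hmac(
        "sha256",
        attempt.encode("utf-8"),
        bytes.fromhex(record["salt"]),
        record["iterations"],
    )
    return hmac.compare_digest(derived.hex(), record["hash"])


if __name__ == "__main__":
    # Constructed sample data.
    original = b"net use L: \\\\DC1\\LABFILES /persistent:yes"
    tampered = b"net use L: \\\\DC2\\LABFILES /persistent:yes"

    published = sha256_hex(original)
    print("digest length:", len(published), "hex characters")
    print("original passes check:", is_unmodified(original, published))
    print("tampered passes check:", is_unmodified(tampered, published))
    print("digest bits changed by a one-character edit:",
          bits_changed(original, tampered))

    record = store_password("Pa$$w0rd")
    print("stored record:", record)
    print("correct password accepted:", check_password("Pa$$w0rd", record))
    print("wrong password accepted:", check_password("Pa$$w0Rd", record))
```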


Two of the most commonly used cryptographic hash algorithms are Secure Hash 
Algorithm (SHA-1 and SHA-2) and Message Digest (MD5). MD5 is the older algorithm 
and is gradually being phased out of use. 


PKI AND CERTIFICATES 


Asymmetric encryption is an important part of Public Key Infrastructure (PKI). PKI is 
a solution to the problem of authenticating subjects on public networks. Under PKI, 
users or server computers are validated by a Certificate Authority (CA), which issues 
the subject a digital certificate. The digital certificate contains a public key associated 
with the subject embedded in it. The certificate has also been signed by the CA, 
guaranteeing its validity. Therefore, if a client trusts the signing CA, they can also trust 
the user or server presenting the certificate. 


The client can then send the server (comptia.org, for example) data (their credit card 
details, for example) encrypted using the public key, safe in the knowledge that only 
that particular server will be able to decrypt it (using its private key). A similar 
technique can be used to encrypt the contents of emails. The sender uses the 
recipient's public key to encrypt the data with the assurance that only the linked 
private key can be used to decrypt the data again. PKI can also be used by mobile 
applications to encrypt any data sent between the client and the server. 


Digital certificates are also used for secure authentication to computer networks. The 
certificate is stored with the private key on a smart card hardware token. To 
authenticate, the card provides the certificate to the authentication server, which 
checks that it is valid and trusted. It then uses the public key in the certificate to issue 
an encrypted challenge to the user. The smart card should be able to decrypt this 
challenge using the private key and send an appropriate response. 


EXECUTION CONTROL 


Authentication and authorization give subjects the right to sign on to a computer and 
network and (potentially) to make changes to the system configuration. This places a 
certain amount of trust in the user to exercise those rights responsibly. Users can act 
maliciously, though, or could be tricked into an adverse action. Execution control 
refers to logical security technologies designed to prevent malicious software from 
running on a host. Execution control can establish a security system that does not 
entirely depend on the good behavior of individual users. 


TRUSTED/UNTRUSTED SOFTWARE SOURCES 


To prevent the spread of malware such as Trojans, it is necessary to restrict the ability 
of users to run unapproved program code, especially code that can modify the OS, 
such as an application installer. Windows uses the system of Administrator and 
Standard user accounts, along with User Account Control (UAC) and system policies, to 
enforce these restrictions. 


Developers of Windows applications can use digital certificates to perform code signing 
and prove the authenticity and integrity of an installer package. Linux® also prompts 
when you attempt to install untrusted software. Software is signed with a 
cryptographic key. Packages need the public key for the repository in order to install 
the software. When prompted that you are installing untrusted software, you can 
either respond that you want to install it anyway or cancel the installation. 


Mobile OS vendors use this "walled garden" model of software distribution as well. 
Apps are distributed from an approved store, such as Apple's App Store or the 
Windows Store. The vendor's store policies and procedures are supposed to prevent 
any Trojan-like apps from being published. 


There are also third-party network management suites to enforce application control. 
This means configuring blacklists of unapproved software (allowing anything else) or 
whitelists of approved software (denying anything else). 
DISABLE AutoRun 


One of the problems with legacy versions of Windows is that when an optical disc is 
inserted or a USB or network drive is attached, Windows automatically runs 
commands defined in an autorun.inf file stored in the root of the drive. A typical 
autorun.inf would define an icon for a disk and the path to a setup file. This could lead 
to malware being able to install itself automatically. 


In modern versions of Windows®, an AutoPlay dialog box is shown prompting the user 
to take a particular action. AutoPlay settings can be configured via a drive's property 
dialog box. Also, UAC will require the user to explicitly allow any executable code to 
run. There is a Control Panel applet to configure default AutoPlay actions. 



Configuring AutoPlay in Windows 7. (Screenshot used with permission from Microsoft.) 


ANTIVIRUS/ANTI-MALWARE 


Antivirus (A-V) is software that can detect malware and prevent it from executing. The 
primary means of detection is to use a database of known virus patterns, called 
definitions, signatures, or patterns. Another technique is to use heuristic 
identification. "Heuristic" means that the software uses knowledge of the sort of things 
that viruses do to try to spot (and block) virus-like behavior. Most antivirus software is 
better described as anti-malware, as it can detect software threats that are not 
technically virus-like, including spyware, Trojans, rootkits, and ransomware. It is critical 
to ensure that the security software is updated regularly. 


PATCH MANAGEMENT 


It is important to apply critical and security updates for OS and application software. 
Failing to keep operating systems and software applications up-to-date can cause 
anything from graphical corruptions when using new video drivers to complete system 
crashes and vulnerability to malware. That said, there are two approaches to applying 
updates: 


* Apply all the latest patches to ensure the system is as secure as possible against 
attacks against flaws in the software. 
* Only apply a patch if it solves a particular problem being experienced. 


The second approach obviously requires more work, as you need to keep up-to-date 
with security bulletins. However, it is well recognized that updates can cause problems, 
especially with software application compatibility. Best practice is to test updates on a 
non-production system before rolling them out. 


Note: To check the current build of Windows, run winver. To check the version 
number of a particular file, right-click and select Properties. 


NAC 


Firewalls are principally deployed to manage access between networks. They control 
communications by blocking packets based on access rules permitting or denying 
certain combinations of IP addresses and network ports, or other filtering criteria. 


Firewalls cannot control whether a device can connect to a network in the first place. 
Defense in depth, or endpoint security, refers to controls that monitor the security of 
a network "behind" the perimeter firewall. Network Access Control (NAC) allows 
administrators to devise policies or profiles describing a minimum security 
configuration that devices must meet to be granted network access. This is called a 
health policy. Typical policies check things such as malware infection, firmware and 
OS patch level, personal firewall status, and the presence of up-to-date virus 
definitions. A solution may also be to scan the registry or perform file signature 
verification. The health policy is defined on a NAC management server along with 
reporting and configuration tools. 


PHYSICAL PORT SECURITY 


With wired ports, access to the physical switch ports and switch hardware should be 
restricted to authorized staff, using a secure server room and/or lockable hardware 
cabinets. To prevent the attachment of unauthorized client devices, a switch port can 
be disabled using the management software or the patch cable can be physically 
removed from the port. Completely disabling ports in this way can introduce a lot of 
administrative overhead and scope for error. Also, it doesn't provide complete 
protection as an attacker could unplug a device from an enabled port and connect 
their own laptop. Consequently, more sophisticated methods of ensuring port security 
have been developed. 


MAC ADDRESS FILTERING 


Configuring MAC filtering on a switch means defining which MAC addresses are 
allowed to connect to a particular port. This can be done by creating a list of valid MAC 
addresses or by specifying a limit to the number of permitted addresses. For example, 
if port security is enabled with a maximum of two MAC addresses, the switch will 
record the first two MACs to connect to that port but then drop any traffic from 
machines with different network adapter IDs that try to connect. 


Many devices also support whitelisting and/or blacklisting of MAC addresses. A MAC 
address added to a whitelist is permitted to connect to any port, whereas a MAC 
address on a blacklist is prohibited from connecting to any port. 
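
The filtering rules described above, modelled in Python as an added example (not vendor or course code): a port learns source MAC addresses up to its limit and drops frames from any further address, with device-wide whitelist and blacklist checked first. The class and method names, the sample addresses, and the choice to let the blacklist take precedence are assumptions made for illustration.

```python
"""Model of switch MAC filtering: per-port learning limit plus global lists.

Added illustration only; names and sample addresses are constructed.
"""
from dataclasses import dataclass, field


def normalize(mac: str) -> str:
    """Return a MAC as 12 lowercase hex digits; accepts ':', '-' or '.' separators."""
    digits = mac.replace(":", "").replace("-", "").replace(".", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


@dataclass
class Port:
    max_macs: int = 2                       # the limit used in the text's example
    learned: list = field(default_factory=list)
    violations: int = 0                     # frames dropped on this port


class Switch:
    def __init__(self, whitelist=(), blacklist=()):
        self.whitelist = {normalize(m) for m in whitelist}
        self.blacklist = {normalize(m) for m in blacklist}
        self.ports = {}

    def configure_port(self, name, max_macs=2):
        self.ports[name] = Port(max_macs=max_macs)

    def receive(self, port_name, src_mac):
        """Decide what happens to a frame: returns 'forward' or 'drop'."""
        mac = normalize(src_mac)
        port = self.ports[port_name]
        if mac in self.blacklist:           # prohibited on every port (assumed to win)
            port.violations += 1
            return "drop"
        if mac in self.whitelist:           # permitted on every port, uses no slot
            return "forward"
        if mac in port.learned:             # already recorded for this port
            return "forward"
        if len(port.learned) < port.max_macs:
            port.learned.append(mac)        # record the address until the limit is hit
            return "forward"
        port.violations += 1                # limit reached: different adapter ID
        return "drop"


def demo():
    """Replay a constructed sequence of source MACs arriving on one port."""
    sw = Switch(whitelist=["02:00:00:aa:00:10"], blacklist=["02:00:00:aa:00:66"])
    sw.configure_port("port1", max_macs=2)
    frames = [
        "02:00:00:aa:00:01",    # first device: learned
        "02-00-00-AA-00-02",    # second device: learned, limit now reached
        "02:00:00:aa:00:03",    # third device: dropped
        "02:00:00:aa:00:01",    # a learned device keeps working
        "02:00:00:aa:00:10",    # whitelisted address: forwarded
        "02:00:00:aa:00:66",    # blacklisted address: dropped
    ]
    return [sw.receive("port1", f) for f in frames], sw.ports["port1"]


if __name__ == "__main__":
    decisions, port = demo()
    print(decisions, "violations:", port.violations)
```

The violation counter is the value an administrator would watch: a port that keeps dropping frames has had an unrecorded device attached to it.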


PORT SECURITY / IEEE 802.1X 

The IEEE 802.1X standard defines a Port-based Network Access Control (PNAC) 
mechanism. PNAC means that the switch (or router) performs some sort of 
authentication of the attached device before activating the port. 


Under 802.1X, the device requesting access is the supplicant. The switch, referred to 
as the authenticator, enables the Extensible Authentication Protocol over LAN 
(EAPOL) protocol only and waits for the device to supply authentication data. Using 
EAP, this data could be a simple username/password (EAP-MD5) or could involve using 
a digital certificate or token. The authenticator passes this data to an authenticating 
server, which checks the credentials and grants or denies access. 


MDM 


Mobile Device Management (MDM) is a class of management software designed to 
apply security policies to the use of mobile devices in the enterprise. This software can 
be used to manage enterprise-owned devices as well as Bring Your Own Device 
(BYOD). 


The core functionality of these suites is similar to Network Access Control (NAC) 
solutions. The management software logs the use of a device on the network and 
determines whether to allow it to connect or not, based on administrator-set 
parameters. When the device is enrolled with the management software, it can be 
configured with policies to allow or restrict use of apps, corporate data, and built-in 
functions, such as a video camera or microphone. 




Configuring iOS device enrollment in Microsoft's Intune Enterprise Mobility Management (EMM) suite. 
Used with permission from Microsoft. 
VPN 


As well as allowing hosts to connect over wired or wireless local connections, most 
networks have to allow devices to connect remotely, to support home workers, field 
workers, branch offices, partners, suppliers, and customers. A remote connection is 
obviously easier for external attackers to try to exploit than a local one, so remote 
access must be subject to stringent security policies and controls. 


A Virtual Private Network (VPN) connects the components and resources of two 
(private) networks over another (public) network. A VPN is a "tunnel" through the 
Internet (or any other public network). It uses special connection protocols and 
encryption technology to ensure that the tunnel is secure and the user is properly 
authenticated. Once the connection has been established, to all intents and purposes, 
the remote computer becomes part of the local network (though it is still restricted by 
the bandwidth available over the WAN link). 


With a VPN, TCP/IP communications are encrypted and then packaged within another 
TCP/IP packet stream. The VPN hardware or software can encrypt just the underlying 
data in a packet or the entire packet itself before wrapping it in another IP packet for 
delivery. If a packet on the public network is intercepted along the way, the encrypted 
contents cannot be read by a hacker. Such encryption of data or packets is typically 
implemented by using a protocol suite called Internet Protocol Security (IPSec). 


A remote access request is only granted if the user authenticates correctly and the 
account has been given remote (or "dial-in") permission. The client device could also be 
subject to NAC policy checks before it is allowed to fully join the VPN. 
Activity 15-1 


Discussing Logical Security Concepts 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Confidentiality and integrity are two important properties of information stored in 
a secure retrieval system. 


What is the third property? 


2. While you are assigning privileges to the accounting department in your 
organization, Cindy, a human resource administrative assistant, insists that she 
needs access to the employee records database so that she can fulfill change of 
address requests from employees. After checking with her manager and referring 
to the organization's access control security policy, Cindy's job role does not fall 
into the authorized category for access to that database. 


What security concept is being practiced in this scenario? 


3. What distinguishes a cryptographic hash from the output of an encryption 
algorithm? 


4. What type of cryptographic algorithm is AES? 


5. What type of cryptographic key is delivered in a digital certificate? 
6. John brought in the new tablet he just purchased and tried to connect to the 
corporate network. He knows the SSID of the wireless network and the password 
used to access the wireless network. He was denied access, and a warning 
message was displayed that he must contact the IT Department immediately. 


What happened and why did he receive the message? 


7. What type of network access is facilitated by VPN? 
Topic B 


Threats and Vulnerabilities 


EXAM OBJECTIVES COVERED 
* 1002-2.5 Compare and contrast social engineering, threats, and vulnerabilities. 


In this topic, you will distinguish the concepts of threats, vulnerabilities, and controls. 
By identifying common security threats and vulnerabilities, you will be better equipped 
to suggest or implement the most effective counteractive measures. 


VULNERABILITIES, THREATS, AND RISKS 


In IT security, it is important to distinguish between the concepts of vulnerability, 
threat, and risk: 


* Vulnerability—a weakness that could be triggered accidentally or exploited 
intentionally to cause a security breach. 

* Threat—the potential for a threat agent or threat actor (something or someone 
that may trigger a vulnerability accidentally or exploit it intentionally) to "exercise" a 
vulnerability (that is, to breach security). The path or tool used by the threat actor 
can be referred to as the threat vector. 

* Risk—the likelihood and impact (or consequence) of a threat actor exercising a 
vulnerability. 


To understand network security, you need to understand the types of threats that a 
network is exposed to and how vulnerabilities can be exploited to launch actual 
attacks. 


SOCIAL ENGINEERING THREATS 


Much of the focus in computer security is in deterring malicious external and insider 
threats. Attackers can use a diverse range of techniques to compromise a security 
system. A pre-requisite of many types of attack is to obtain information about the 
security system. Social engineering refers to means of getting users to reveal this kind 
of confidential information or allowing some sort of access to the organization that 
should not have been authorized. A social engineering attack uses deception and 
trickery to convince unsuspecting users to provide sensitive data or to violate security 
guidelines. Social engineering is often a precursor to another type of attack. 


It is also important to note that gaining access to a network is often based on a series 
of small steps rather than a single large step. That is, knowing the email address of an 
employee allows an attacker to search for facts about that user online. This might help 
target the user with fake messages. A message might be convincing enough to 
persuade the user to reveal some confidential information or install some malware. 
The malware allows the attacker to access the network and try to discover the ID of a 
more privileged account or the location of important data files. 


Because these attacks depend on human factors rather than on technology, their 
symptoms can be vague and hard to identify. Social engineering attacks can come in a 
variety of methods: in person, through email, or over the phone. Social engineering 
typically takes advantage of users who are not technically knowledgeable, but it can 
also be directed against technical support staff if the attacker pretends to be a user 
who needs help. 


COMMON SOCIAL ENGINEERING EXPLOITS 


Preventing social engineering attacks requires an awareness of the most common 
forms of social engineering exploits. 


IMPERSONATION 


Impersonation (pretending to be someone else) is one of the basic social engineering 
techniques. The classic impersonation attack is for an attacker to phone into a 
department, claim they have to adjust something on the user's system remotely, and 
get the user to reveal their password. 


Attackers will generally try one of the following methods to make an impersonation 
attack convincing: 

* Intimidate their target by pretending to be someone senior in rank. 

* Intimidate the target by using spurious technical arguments and jargon or alarm 
them with a hoax. 

* Coax the target by engaging with them and putting them at their ease. 


Do you really know who's on the other end of the line? (Photo by Uros Jovicic on Unsplash.) 


PHISHING AND SPEAR PHISHING 

Phishing is a combination of social engineering and spoofing (disguising one 
computer resource as another). The attacker sets up a spoof website to imitate a 
target bank or ecommerce provider's secure website. The attacker then emails users of 
the genuine website informing them that their account must be updated, supplying a 
disguised link that actually leads to their spoofed site. When the user authenticates 
with the spoofed site, their log on details are captured. Another technique is to spawn 
a "pop-up" window when a user visits a genuine site to try to trick them into entering 
their credentials through the pop-up. 


Spear phishing refers to a phishing scam where the attacker has some information 
that makes the target more likely to be fooled by the attack. The attacker might know 
the name of a document that the target is editing, for instance, and send a malicious 
copy, or the phishing email might show that the attacker knows the recipient's full 
name, job title, telephone number, or other details that help to convince the target that 
the communication is genuine. 


PHARMING 


Pharming is another means of redirecting users from a legitimate website to a 
malicious one. Rather than using social engineering techniques to trick the user, 
however, pharming relies on corrupting the way the victim's computer performs 
Internet name resolution, so that they are redirected from the genuine site to the 
malicious one. For example, if mybank.com should point to the IP address w.x.y.z, a 
pharming attack would corrupt the name resolution process to make it point to IP 
address a.b.c.d. 
TRUST AND DUMPSTER DIVING 


Being convincing or establishing trust usually depends on the attacker obtaining 
privileged information about the organization or about an individual. For example, an 
impersonation attack is much more effective if the attacker knows the user's name. As 
most companies are set up toward customer service rather than security, this 
information is typically easy to come by. Information that might seem innocuous, such 
as department employee lists, job titles, phone numbers, diary appointments, invoices, 
or purchase orders, can help an attacker penetrate an organization through 
impersonation. 


Another way to obtain information that will help to make a social engineering attack 
credible is by obtaining documents that the company has thrown away. Dumpster 
diving refers to combing through an organization's (or individual's) garbage to try to 
find useful documents. Attackers may even find files stored on discarded removable 
media. 


Note: Remember that attacks may be staged over a long period of time. Initial attacks 
may only aim at compromising low-level information and user accounts, but this 
low-level information can be used to attack more sensitive and confidential data and 
better protected management and administrative accounts. 


SHOULDER SURFING 


Shoulder surfing refers to stealing a password or PIN, or other secure information, by 
watching the user type it. Despite the name, the attacker may not have to be in close 
proximity to the target. They could use high-power binoculars or CCTV to directly 
observe the target from a remote location. 


TAILGATING 


Tailgating (or piggybacking) is a means of entering a secure area without authorization 
by following close behind the person that has been allowed to open the door or 
checkpoint. This might be done without the target's knowledge or may be a means for 
an insider to allow access to someone without recording it in the building's entry log. 
Another technique is to persuade someone to hold a door open, using an excuse such 
as "I've forgotten my badge/key." 


MITIGATION OF SOCIAL ENGINEERING ATTACKS 


Social engineering is best defeated by training users to recognize and respond to such 
situations. 


* Train employees to release information or make privileged use of the system only 
according to standard procedures. 

* Establish a reporting system for suspected attacks—though the obvious risk here is 
that a large number of false negatives will be reported. 

* Train employees to identify phishing-style attacks plus new styles of attack as they 
develop in the future. 

* Train employees not to release any work-related information on third-party sites or 
social networks (and especially not to reuse passwords used for accounts at work). 


Other measures include ensuring documents and information are destroyed before 
disposal, using multifactor access control to put more than one or two barriers 
between an attacker and his or her target, and restricting use of administrative 
accounts as far as possible. 


NETWORK FOOTPRINTING THREATS 


Footprinting is another information-gathering threat, in which the attacker attempts 
to learn about the configuration of the network and security systems. Footprinting can 
be accomplished by social engineering attacks. There are also many software-based 
tools and techniques for gathering information. 


Note: Footprinting describes investigating the overall network and security topology, 
whereas fingerprinting describes probes that attempt to discover how a particular host is 
configured. 


OPEN PORTS 


Network mapping refers to tools that gather information about the way the network 
is built and configured and the current status of hosts. One approach to protecting a 
network from unwanted footprinting or fingerprinting is to prevent unauthorized hosts 
from connecting at all. An "open port" in this sense is an Ethernet port that allows any 
computer to connect to the switch. Ethernet ports can be physically or administratively 
disabled to prevent this, though that would not stop an attacker from unplugging an 
authorized machine and connecting a different one. There are various Network Access 
Control (NAC) or endpoint security solutions that can require devices to authenticate 
before network access is granted. 


As well as the physical Ethernet port, an "open port" can also refer to a TCP or UDP 
network application port. Port scanning aims to enumerate the TCP or UDP 
application ports on a host that are accepting connections. The netstat tool can be 
used on Windows and Linux to investigate open connections on the local computer. 


More advanced probes, such as nmap, can discover a good deal more information 
about a host. 


[Screenshot: output of netstat -b -n, listing active TCP connections with their state 
and the executable that owns each one.] 


Displaying open connections with netstat. (Screenshot used with permission from Microsoft.) 


When a host running a particular operating system responds to a port scan, the syntax 
of the response might identify the specific operating system. This fact is also true of 
application servers, such as web servers, FTP servers, and mail servers. The responses 
these servers make often include several headers or banners that can reveal a great 
deal of information about the server. 


Ports can be closed by disabling unnecessary or unused protocols, services, and 
applications. If a service must be run, a port can be blocked on a particular interface or 
restricted to certain hosts using an Access Control List (ACL) enforced by a firewall. 


Port scanning tools are also useful defensive tools because a network administrator 
needs to ensure that unauthorized ports are not open on the network. These could be 
a sign of some sort of Trojan or backdoor server. Such tools often try to hide 
themselves from diagnostic port scans. 
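
One way to carry out the check described above on a single Windows host, as an added Python example (not part of the course material): parse the text printed by netstat -ano and report every listening port that is missing from an approved list, with the owning process ID and whether the port is bound to all interfaces. The sample output, the approved list, and the function names are constructed for illustration.

```python
"""Audit Windows `netstat -ano` output for listeners missing from an allowlist.

Added illustration; SAMPLE and ALLOWED are constructed for the example.
"""

SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:50001          0.0.0.0:0              LISTENING       5120
  TCP    127.0.0.1:8080         0.0.0.0:0              LISTENING       777
  TCP    192.168.1.116:49720    203.0.113.10:443       ESTABLISHED     3344
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:500            *:*                                    2888
  UDP    [::]:5353              *:*                                    1500
"""

# Approved (protocol, port) pairs for this host role (assumed policy).
ALLOWED = {("TCP", 135), ("TCP", 445), ("UDP", 500)}


def parse_netstat(text):
    """Turn netstat -ano text into a list of dicts, skipping header lines."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] not in ("TCP", "UDP"):
            continue
        # TCP rows carry a State column; UDP rows leave it empty.
        if fields[0] == "TCP" and len(fields) == 5:
            proto, local, foreign, state, pid = fields
        elif fields[0] == "UDP" and len(fields) == 4:
            proto, local, foreign, pid = fields
            state = ""
        else:
            continue                        # truncated or unexpected row
        host, _, port = local.rpartition(":")   # also handles [::]:445
        if not (port.isdigit() and pid.isdigit()):
            continue
        entries.append({"proto": proto, "host": host, "port": int(port),
                        "foreign": foreign, "state": state, "pid": int(pid)})
    return entries


def is_listener(entry):
    """TCP sockets in LISTENING state, or bound UDP sockets with no peer."""
    if entry["proto"] == "TCP":
        return entry["state"] == "LISTENING"
    return entry["foreign"] == "*:*"


def exposure(host):
    """Describe which interfaces a listener is reachable on."""
    if host in ("0.0.0.0", "[::]"):
        return "all interfaces"
    if host.startswith("127.") or host == "[::1]":
        return "loopback only"
    return "single interface"


def unexpected_listeners(text, allowed):
    """Return sorted (proto, port, pid, exposure) tuples not covered by allowed."""
    found = set()
    for e in parse_netstat(text):
        if is_listener(e) and (e["proto"], e["port"]) not in allowed:
            found.add((e["proto"], e["port"], e["pid"], exposure(e["host"])))
    return sorted(found)


if __name__ == "__main__":
    for proto, port, pid, scope in unexpected_listeners(SAMPLE, ALLOWED):
        print(f"{proto}/{port} owned by PID {pid} ({scope}) is not on the approved list")
```

Because a backdoor may hide from tools run on the host itself, the result is worth comparing with a scan of the same host made from another machine.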


EAVESDROPPING THREATS 


Eavesdropping (or sniffing) refers to capturing and reading data packets as they move 
over the network. When an attacker (for example, a malicious user) has gained access 
to the network, they can use a packet sniffer such as Wireshark® to capture live 
network traffic. Unless the packets are encrypted, the attacker can gain a lot of 
information about the way the network is designed as well as intercepting any data 
transmitted in plaintext. 


[Screenshot: Wireshark capture of HTTP traffic between 10.1.0.129 and 10.1.0.1. The 
selected GET request carries an Authorization: Basic header, which Wireshark decodes 
to show the user name and password in plaintext.] 

Capturing basic HTTP authentication in Wireshark. 
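
Why a capture like this exposes the password, shown as an added Python example (not part of the course material): HTTP Basic authentication only Base64-encodes "user:password", so anything that can read the request can reverse it. The function below audits reassembled cleartext HTTP requests for such headers and reports the account affected without printing the password. The sample stream, host name, account, and function names are constructed.

```python
"""Find HTTP Basic credentials exposed in cleartext request text.

Added illustration; the sample stream and account are constructed.
"""
import base64
import binascii


def basic_header(user, password):
    """Build the header a client sends: Base64 of 'user:password', no encryption."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode("ascii")
    return f"Authorization: Basic {token}"


# Constructed, body-less requests as they would appear after TCP reassembly.
SAMPLE_STREAM = "\r\n".join([
    "GET / HTTP/1.1",
    "Host: intranet.example",
    "",
    "GET /reports HTTP/1.1",
    "Host: intranet.example",
    basic_header("labuser", "Example-Pass1"),
    "",
    "GET /api HTTP/1.1",
    "Host: intranet.example",
    "Authorization: Bearer constructed-token",
    "",
    "GET /old HTTP/1.1",
    "Host: intranet.example",
    "Authorization: Basic not*base64",
    "",
    "",
])


def find_basic_auth(stream):
    """Return one finding per request that carries an Authorization: Basic header."""
    findings = []
    for request in stream.replace("\r\n", "\n").split("\n\n"):
        lines = [ln for ln in request.split("\n") if ln.strip()]
        if not lines:
            continue
        headers = {}
        for line in lines[1:]:              # lines[0] is the request line
            name, sep, value = line.partition(":")
            if sep:
                headers[name.strip().lower()] = value.strip()
        scheme, _, token = headers.get("authorization", "").partition(" ")
        if scheme.lower() != "basic":
            continue
        finding = {"request": lines[0], "host": headers.get("host", ""),
                   "user": None, "password_length": None}
        try:
            decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError):
            findings.append(finding)        # header present but not decodable
            continue
        user, _, password = decoded.partition(":")
        finding["user"] = user
        finding["password_length"] = len(password)   # report length, not the secret
        findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in find_basic_auth(SAMPLE_STREAM):
        print(f)
```

Any finding from traffic that was not carried inside TLS means the account's password should be treated as disclosed and the service moved to an encrypted transport.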


In the first instance, an attack would be limited to data traffic to and from the 
individual user's computer (as well as broadcast traffic) as network switches will 
prevent all other traffic from being directed to that computer. However, switches can 
be subverted by various different types of attack: 


* MAC flooding—overloading the switch's MAC cache, referred to as the Content 
Addressable Memory (CAM) table, using a tool such as Dsniff or Ettercap to 
prevent genuine devices from connecting and potentially forcing the switch into 
"hub" or "flooding" mode. 




* ARP poisoning—the attacker poisons the switch's ARP table with a false MAC-IP 
address mapping, typically allowing the attacker to masquerade as the subnet's 
default gateway. 


Note: A packet sniffer is a defensive as well as an offensive tool. It can be used to try to 
detect network intrusions and unauthorized and malicious traffic. 


SPOOFING AND MITM THREATS 


Having gathered information about a network, an attacker may be able to probe or 
damage it by launching further attacks. Many of the network, transport, and 
application protocols in use on private networks and the Internet were designed 
without any regard for security. Protocols such as TCP or UDP are vulnerable to packet 
sniffing because they were designed to transmit information in plain text. Devices 
communicating using these protocols do not typically authenticate with one another, 
making them vulnerable to spoofing, Denial of Service, and Man-in-the-Middle attacks. 


SPOOFING AND PACKET/PROTOCOL ABUSE 


The term spoofing (or impersonation or masquerade) covers a very wide range of 
different attacks. Social engineering and techniques such as phishing and pharming 
are types of spoofing attack. It is also possible to abuse the way a protocol works or 
network packets are constructed to inject false or modified data onto a network. The 
ARP poisoning attack described earlier is a good example of this. The ARP and DNS 
protocols are often used as vectors for spoofing attacks. 


Spoofing can also be performed by obtaining a logical token or software token. A 
logical token is assigned to a user or computer when they authenticate to some 
service. A token might be implemented as a web cookie, for instance. If an attacker can 
steal the token and the authorization system has not been designed well, the attacker 
may be able to present the token again and impersonate the original user. This type of 
spoofing is also called a replay attack. 


MAN-IN-THE-MIDDLE ATTACK 

A Man-in-the-Middle (MITM) attack is another specific type of spoofing attack where 
the attacker sits between two communicating hosts and transparently monitors, 
captures, and relays all communication between them. Man-in-the-middle attacks are 
used to gain access to authentication and network infrastructure information for 
future attacks, or to gain direct access to packet contents. 


For example, in an ARP poisoning attack, the attacker sends spoofed ARP messages 
onto the network to associate his IP address with another host, typically the subnet's 
default gateway. The rest of the network hosts will then start communicating with the 
attacker, who will be able to sniff the packets and either send them on to the genuine 
host (to try to keep the attack covert), send modified versions of the packets, or drop 
them (performing a Denial of Service attack). 


MITM attacks can be defeated using mutual authentication, where both server and
client exchange secure credentials. 
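

The ARP poisoning pattern described above leaves a visible trace for a sniffer used defensively: an IP address, typically the gateway's, suddenly answers from a different MAC address. The following is an added example, not part of the course material; the capture records, addresses, and function names are constructed for illustration.

```python
"""Flag ARP replies that change an IP-to-MAC binding already seen on the segment."""
from collections import defaultdict

# Constructed capture: (seconds, sender IP, sender MAC) as a sniffer would log
# them from ARP replies. 192.168.1.1 is assumed to be the default gateway.
SAMPLE_ARP_REPLIES = [
    (1.0, "192.168.1.1", "00:11:22:33:44:01"),    # genuine gateway
    (2.0, "192.168.1.20", "00:11:22:33:44:20"),
    (3.0, "192.168.1.30", "00:11:22:33:44:30"),
    (9.0, "192.168.1.1", "00:11:22:33:44:30"),    # .30's adapter now claims the gateway IP
    (9.5, "192.168.1.1", "00:11:22:33:44:30"),    # repeated so caches stay poisoned
    (12.0, "192.168.1.20", "00:11:22:33:44:20"),
]


def detect_arp_conflicts(replies, gateway_ip=None):
    """Return one alert per (IP, new MAC) pair that contradicts the first binding seen."""
    first_binding = {}                 # IP -> MAC from the first reply for that IP
    ips_by_mac = defaultdict(set)      # MAC -> every IP it has claimed so far
    reported = set()                   # (IP, MAC) pairs already alerted on
    alerts = []
    for seconds, ip, mac in replies:
        mac = mac.lower()
        ips_by_mac[mac].add(ip)
        expected = first_binding.setdefault(ip, mac)
        if mac == expected or (ip, mac) in reported:
            continue
        reported.add((ip, mac))
        alerts.append({
            "time": seconds,
            "ip": ip,
            "expected_mac": expected,
            "observed_mac": mac,
            # Other addresses the same adapter has used: points at the real sender.
            "also_claims": sorted(ips_by_mac[mac] - {ip}),
            "severity": "high" if ip == gateway_ip else "medium",
        })
    return alerts


if __name__ == "__main__":
    for alert in detect_arp_conflicts(SAMPLE_ARP_REPLIES, gateway_ip="192.168.1.1"):
        print(alert)
```

The check trusts the first binding it sees, so it should start from a known-good baseline; a replaced network adapter or a reassigned address raises the same alert and needs to be ruled out.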


PASSWORD ATTACKS 


Computer systems are protected by accounts and accounts are protected by 
credentials, typically passwords. Passwords can be discovered via social engineering or 
because a user has written one down. Packet sniffing attacks are often launched with 
the purpose of obtaining credentials for one or more accounts. If a network protocol 
uses cleartext credentials, then the attacker's job is done. Most passwords are only 
sent over the network or stored on a device using some sort of cryptographic
protection, however. 


Note: A password might be sent in an encoded form, such as Base64, which is simply an 
ASCII representation of binary data. This is not the same as cryptography. The password 
value can easily be derived from the Base64 string. 


Cain and Abel password cracker.


Either the channel can be protected or the password can be protected (or both). If the 
channel is encrypted, the attacker has to compromise the encryption keys stored on 
the server. If the password is protected by a cryptographic hash, the attacker might be 
able to use password cracking software to decipher it. 


TYPES OF PASSWORD ATTACKS 


A cryptographic hash scrambles the data in a way that the original plaintext password 
is normally unrecoverable. However, the cryptographic hash function might be 
vulnerable to these types of attacks: 


* Dictionary—the password cracker matches the hash to those produced by 
ordinary words found in a dictionary. This could also include information such as 
user and company names or pet names or any other data that people might naively 
use as passwords. 

* Brute force—the software tries to match the hash against the hash of every
possible combination of characters. If the password is short (under 7 characters)
and non-complex (using only letters, for instance), a password might be cracked in
minutes. Longer and more complex passwords increase the amount of time the attack
takes to run.


RAINBOW TABLE ATTACKS


A dictionary attack can be used where there is a good chance of guessing the likely 
value of the plaintext. Rainbow tables refine the dictionary approach. The technique 
was developed by Philippe Oechslin and used in his Ophcrack Windows password
cracker. The attacker uses a precomputed lookup table of all probable plaintext 
passwords (derived from the dictionary) and their matching hashes. Not all possible 
hash values are stored, as this would require too much memory. Values are computed 
in "chains" and only the first and last values need to be stored. The hash value of a 
stored password can then be looked up in the table and the corresponding plaintext 
discovered. 


The hash functions used to store passwords can be made more secure by adding salt. 
Salt is a random value added to the plaintext. This helps to slow down rainbow table 
attacks against a hashed password database, as the table cannot be created in 
advance and must be recreated for each combination of password and salt value. 
Rainbow tables are also impractical when trying to discover long passwords (over 
about 14 characters). UNIX and Linux password storage mechanisms use salt, but 
Windows does not. Consequently, in a Windows environment it is even more 
important to enforce password policies, such as selecting a strong password and 
changing it periodically. 
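

The Base64 note and the salt paragraph above can be seen side by side by storing the same passwords three ways and checking what a table computed in advance recovers from each. This is an added example, not part of the course material: the users, word list, and function names are constructed, a plain lookup table stands in for the chained rainbow table, and a single SHA-256 is used only to isolate the effect of the salt.

```python
"""Encoding, unsalted hashing, and salted hashing of the same passwords (constructed data)."""
import base64
import hashlib
import hmac
import os
from collections import defaultdict

WORDLIST = ["password", "letmein", "rover2019", "summer", "qwerty"]            # constructed
USERS = {"alice": "rover2019", "bob": "rover2019", "carol": "T7#qv!x2Lm$9"}   # constructed


def encode_base64(password):
    return base64.b64encode(password.encode()).decode()


def recover_from_base64(blob):
    """Base64 needs no key and no guessing to reverse: it is an encoding only."""
    return base64.b64decode(blob).decode()


def hash_password(password, salt=b""):
    """SHA-256 over salt + plaintext; an empty salt gives the unsalted case."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def build_table(words):
    """Precompute hash -> plaintext once, before any password database is seen."""
    return {hash_password(word): word for word in words}


def make_store(users, salted):
    """Return name -> (salt, hash), with a fresh 16-byte random salt per user if salted."""
    store = {}
    for name, password in users.items():
        salt = os.urandom(16) if salted else b""
        store[name] = (salt, hash_password(password, salt))
    return store


def table_hits(store, table):
    """Accounts whose stored hash appears in the precomputed table."""
    return {name: table[digest] for name, (_, digest) in store.items() if digest in table}


def shared_hashes(store):
    """Groups of users whose stored hashes are identical (same password, no salt)."""
    groups = defaultdict(list)
    for name, (_, digest) in store.items():
        groups[digest].append(name)
    return sorted(sorted(names) for names in groups.values() if len(names) > 1)


def verify(store, name, attempt):
    """A normal logon check: re-hash the attempt with the stored salt and compare."""
    salt, digest = store[name]
    return hmac.compare_digest(hash_password(attempt, salt), digest)


if __name__ == "__main__":
    table = build_table(WORDLIST)
    print("base64  :", recover_from_base64(encode_base64("rover2019")))
    for label, salted in (("unsalted", False), ("salted", True)):
        store = make_store(USERS, salted)
        print(label, "table hits:", table_hits(store, table),
              "identical hashes:", shared_hashes(store))
```

Without salt, one table recovers both weak passwords and the matching hashes reveal that two users share a password; with a per-user salt the same table finds nothing, while the logon check still works because the salt is stored beside the hash.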


DENIAL OF SERVICE ATTACKS 


A Denial of Service (DoS) attack causes a service at a given host to fail or to become 
unavailable to legitimate users. Typically, DoS attacks focus on overloading a service. It 
is also possible for DoS attacks to exploit design failures or other vulnerabilities in 
application software. An example of a physical DoS attack would be cutting telephone 
lines or network cabling. DoS attacks may simply be motivated by the malicious desire 
to cause trouble. They may also be part of a wider attack, such as a precursor to a DNS 
spoofing attack. 


DISTRIBUTED DoS (DDoS) ATTACKS/BOTNETS 


Network-based DoS attacks are normally accomplished by flooding the server with 
bogus requests. They rely on the attacker having access to greater bandwidth than the 
target or on the target being required to devote more resources to each connection 
than the attacker. There are many different methods of achieving this, often exploiting 
weaknesses in protocols. 


Most bandwidth-directed DoS attacks are Distributed DoS (DDoS). This means that 
the attacks are launched from multiple compromised systems, referred to as a botnet. 
To establish a botnet, an attacker will first compromise one or two machines to use as 
"handlers" or "masters." The handlers are used to compromise multiple zombie 
devices with DoS tools (bots). In this way, the attacker can conceal his or her activities. 
This is also referred to as an asymmetric threat, because the attacker's resources can 
be far less than those of the victim. 


DDoS attacks using zombies/drones. (Image © 123RF.com.)


Large botnets are necessary to overcome the high bandwidth of targets. The 
increasing use of "always-on" broadband connections means that attackers can target 
a large base of naive home users with the aim of compromising their PCs. Also, any 
Internet-connected device can potentially be infected and used as a bot. Devices such 
as webcams that can be configured over the Internet are often vulnerable. 


Once the bot is installed, the attacker has a backdoor that gives them access to the 
device. They can then use the backdoor to install DDoS tools and trigger the zombies 
to launch the attack at the same time. As well as a single attacker using a botnet, DDoS 
attacks might be coordinated between groups of attackers. There is growing evidence 
that nation states are engaging in cyber warfare and terrorist groups have also been 
implicated in DDoS attacks on well-known companies and government institutions. 
There are also hacker collectives who might target an organization as part of a 
campaign. 


VULNERABILITIES AND ZERO-DAY EXPLOITS 


Software exploitation means an attack that targets a vulnerability in OS or application 
software or device firmware. A vulnerability is a design flaw that can cause the 
application security system to be circumvented or that will cause the application to 
crash. The most serious vulnerabilities allow the attacker to execute arbitrary code on 
the system, which could allow the installation of malware. Malicious code that can 
successfully use a vulnerability to compromise a host is called an "exploit." 


Note: This issue does not just affect PCs. Any type of network appliance or device can
also be vulnerable to exploits. The risks to embedded systems have become more obvious
and the risks posed by unpatched mobile devices and the "Internet of Things" are likely to
grow.


Typically, vulnerabilities can only be exploited in quite specific circumstances, but
because of the complexity of modern software and the speed with which new versions 
must be released to market, almost no software is free from vulnerabilities. Most 
vulnerabilities are discovered by software and security researchers, who notify the 
vendor to give them time to patch the vulnerability before releasing details to the 
wider public. A vulnerability that is exploited before the developer knows about it or 
can release a patch is called a zero-day exploit. It is called "zero-day" because the 
developer has had zero days to fix the flaw. These can be extremely destructive, as it 
can take the vendor a lot of time to develop a patch, leaving systems vulnerable for 
days, weeks, or even years. 


While some zero-day attacks can be extremely destructive, they are relatively rare. A 
greater risk is the large number of unpatched or legacy systems in use. An unpatched 
or non-compliant system is one that its owner has not updated with OS and 
application patches or installed with A-V and firewall security software. A legacy 
system is one where the software vendor no longer provides support or fixes for 
problems. 


Note: There is a class of network security software described as Network Access Control
(NAC) that scans devices as they attempt to join and use the network and denies access if
they are non-compliant with regard to a "system health" or Standard Operating
Environment (SOE) policy.


Activity 15-2


Discussing Threats and Vulnerabilities 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What do all types of social engineering attack have in common? 


2. An attacker crafts an email addressed to a senior support technician inviting him 
to register for free football coaching advice. The website contains password- 
stealing malware. 


What is the name of this type of attack? 


3. What is the difference between tailgating and shoulder surfing? 


4. What type of software is typically used to perform eavesdropping on an 
Ethernet network? 


5. What attack might be launched to eavesdrop on all communications passing 
over a local network segment? 




6. An attacker learns that a system policy causes passwords to be configured with a
random mix of different characters but that are only five characters in length.


What type of password cracking attack would work best here?


7. What is the difference between a DoS and a DDoS attack?


8. With what type of threat is a "zero day" associated?


Topic C


Physical Security Measures 


EXAM OBJECTIVES COVERED

1002-2.1 Summarize the importance of physical security measures.
1002-2.9 Given a scenario, implement appropriate data destruction and disposal
methods.


Physical security refers to the implementation and practice of control methods that are 
intended to restrict physical access to facilities. One case where physical security is 
important is when there is a need to control access to physical documents, password 
records, and sensitive documents and equipment. One successful unauthorized access 
attempt can lead to financial losses, credibility issues, and legalities. In addition, 
physical security involves increasing or assuring the reliability of certain critical 
infrastructure elements such as switches, routers, and servers. 


PHYSICAL SECURITY CONTROLS 


Physical security measures mean controlling who can access a building or a secure
area of a building, such as a server room. One of the oldest types of security is a wall 
with a door in it (or a fence with a gate). In order to secure such a gateway, it must be 
fitted with a lock or door access system. 


LOCK TYPES 


Door locks can be categorized as follows: 


* Conventional—a conventional lock prevents the door handle from being operated 
without the use of a key. More expensive types offer greater resistance against lock 
picking. 

* Deadbolt—this is a bolt on the frame of the door, separate to the handle 
mechanism. 

* Electronic—rather than a key, the lock is operated by entering a PIN on an
electronic keypad. This type of lock is also referred to as cipher, combination, or 
keyless. 

* Token-based—a smart lock may be opened using a magnetic swipe card or feature 
a proximity reader to detect the presence of a wireless key fob or one-time 
password generator (physical tokens) or smart card. 

* Biometric—a lock may be integrated with a biometric scanner, so that the lock can 
be activated by biometric features, such as a fingerprint, voice print, or retina scan. 
Biometric locks make it more difficult for someone to counterfeit the key used to 
open the lock. 

* Multifactor—a lock may combine different methods, such as smart card with PIN. 


A secure gateway will normally be self-closing and self-locking, rather than depending 
on the user to close and lock it. 


TURNSTILES AND MANTRAPS 


Tailgating is a means of entering a secure area without authorization by following 
close behind the person who has been allowed to open the door or checkpoint. 
Training and a strict policy can mitigate the sort of instinctive politeness that causes 
employees to "co-operate" with this type of attack. Effective training should also
ensure that employees keep doors locked to protect secure areas, such as server and 
equipment rooms. Gateways can also have improved physical security, such as CCTV 
monitoring or the presence of a security guard. 


Another option is a turnstile or a mantrap. A mantrap is two sets of interlocking doors 
inside a small space, where the first set of doors must close before the second set 
opens. If the mantrap is manual, a guard locks and unlocks each door in sequence. In 
this case, an intercom or video camera is typically used to allow the guard to control 
the trap from a remote location. If the mantrap is automatic, identification or a key of 
some kind may be required for each door, and sometimes different measures may be 
required for each door. Metal detectors are often built in to prevent entrance of people 
carrying weapons. Such use is particularly frequent in banks and jewelry shops. 


SECURITY GUARDS 


Human security guards, armed or unarmed, can be placed in front of and around a 
location to protect it. They can monitor critical checkpoints and verify identification, 
allow or disallow access, and log physical entry occurrences. They also provide a visual 
deterrent and can apply their own knowledge and intuition to potential security 
breaches. 


ID BADGES AND SMART CARDS 


A photographic ID badge showing name and (perhaps) access details is one of the 
cornerstones of building security. Anyone moving through secure areas of a building 
should be wearing an ID badge; anyone without an ID badge should be challenged. 


Radio Frequency ID (RFID) badges can be used with proximity badge readers to 
monitor the location of the subject. When the RFID badge passes a reader (with a 
range up to about 5 m), it registers a signal and transmits its ID to the management 
software. 


A contactless smart card reader. (Image © 123RF.com.) 


As well as using RFID tracking, smart card badges and key fobs can be programmed 
with biometric authentication or with some sort of token-generating or certificate- 
based authentication. This type of badge could be used to open smart locks, as 
described earlier. 


ENTRY CONTROL ROSTERS


An electronic lock may be able to log access attempts but if no technological solution is 
available, a security guard can manually log movement using a sign-in and sign-out 
sheet. An entry control roster requires all visitors to sign in and out when entering 
and leaving the building. Logging requirements will vary depending on the 
organization, but should include the following: 

* Name and company being represented. 

* Date, time of entry, and time of departure. 

* Reason for visiting.

* Contact within the organization. 

When possible, one single entry point should be used for all incoming visitors. This 
decreases the risk of unauthorized individuals gaining access to the building and 
tailgating. 


PHYSICAL SECURITY CONTROLS FOR DEVICES 


The most vulnerable point of the network infrastructure will be the communications 
room. This should be subject to the most stringent access and surveillance controls 
that can be afforded. 


CABLE LOCKS AND LOCKING CABINETS


Another layer of security can be provided by installing equipment within lockable rack
cabinets. These can be supplied with key-operated or electronic locks.


Rack cabinet with key-operated lock. (Image by Bunlue Nantaprom © 123RF.com.) 


Server-class hardware often features physical chassis security (server locks). The 
chassis can be locked, preventing access to the power switch, removable drives, and 
USB ports. An attacker with access to these might be able to boot the machine with a 
different operating system to try to steal data or install malware. If there is no chassis 
protection and the computer cannot be located in a secure room, another tool is a USB 
lock. This device engages springs to make it difficult to remove from a USB port unless 
the key is used. Although they can deter and delay, they are unlikely to prevent a 
determined attacker. 


If installing equipment within a cabinet is not an option, it is also possible to obtain 
cable hardware locks for use with portable devices such as laptops. 


PRIVACY SCREENS


A privacy screen prevents anyone but the user from reading the screen. Modern TFTs 
are designed to be viewed from wide angles. This is fine for home entertainment use 
but raises the risk that someone would be able to observe confidential information 
shown on a user's monitor. A privacy filter restricts the viewing angle to only the 
person directly in front of the screen. 


DATA DISPOSAL METHODS 


As well as the security of premises, equipment rooms, and devices, physical security 
measures also need to account for the media on which data is stored. Remnant 
removal refers to decommissioning data storage media, including hard disks, flash 
drives, tape media, and CDs/DVDs. The problem has become particularly prominent as 
organizations recycle their old computers, either by donating them to charities or by 
sending them to a recycling company, who may recover and sell parts. There are at 
least three reasons that make remnant removal critical: 

* An organization's own confidential data could be compromised. 

* Third-party data that the organization processes could be compromised, leaving it 
liable under Data Protection legislation, in addition to any contracts or Service Level 
Agreements signed. 

* Software licensing could be compromised. 

The main issue is understanding the degree to which data on different media types
may be recoverable. Data "deleted" from a magnetic-type disk such as a hard disk is
not erased. Rather, the sectors are marked as available for writing and the data they
contain will only be removed as new files are added. Similarly, using the standard
Windows format tool will only remove references to files and mark all sectors as
useable. In the right circumstances and with the proper tools, any deleted information
from a drive could be recoverable.


There are several approaches to the problem of data remnants on magnetic disks. 


PHYSICAL DESTRUCTION 


A magnetic disk can be mechanically shredded, incinerated, or degaussed in specialist
machinery:

* Shredding—the disk is ground into little pieces. A mechanical shredder works in
much the same way as a paper shredder.

* Incineration—exposing the disk to high heat melts its components.

* Degaussing—exposing the disk to a powerful electromagnet disrupts the magnetic
pattern that stores the data on the disk surface.

These types of machinery are costly and will render the disk unusable, so it cannot be
recycled or repurposed.


Note: There are many companies specializing in secure disposal. They should provide a
certificate of destruction, showing the make, model, and serial number of each drive they
have handled plus date of destruction and the means by which it was destroyed.


A less expensive method is to destroy the disk with a drill or hammer—do be sure to 
wear protective goggles. This method is not appropriate for the most highly 
confidential data as it will leave fragments that could be analyzed using specialist tools. 


Optical media cannot be reformatted. Discs should be destroyed before discarding 
them. Shredders are available for destroying CD and DVD discs. 


OVERWRITING/DISK WIPING 


If a disk can be recycled or repurposed, destruction is obviously not an option. Disk 
wiping software ensures that old data is destroyed by writing to each location on the 
media, either using zeroes or in a random pattern. This leaves the disk in a "clean"
state ready to be passed to the new owner. This overwriting method is suitable for all 
but the most confidential data, but is time consuming and requires special software. 


Active KillDisk data wiping software.
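

The difference between a standard format, which only removes references to files, and a wipe that writes to every location can be shown on a small image file standing in for a disk. This is an added example, not part of the course material and not how any named wiping product works; the image layout, marker string, and function names are constructed.

```python
"""Quick format versus full overwrite on a file-backed disk image (constructed data)."""
import os
import tempfile

SECTOR = 512
MARKER = b"CONFIDENTIAL-PAYROLL-2019"    # constructed remnant to search for


def build_image(path, sectors=64):
    """Sector 0 is a toy file table; sector 10 holds the confidential data."""
    with open(path, "wb") as image:
        image.write(b"TABLE:payroll.xls@sector=10".ljust(SECTOR, b"\x00"))
        for number in range(1, sectors):
            body = MARKER if number == 10 else b"filler"
            image.write(body.ljust(SECTOR, b"\x00"))


def quick_format(path):
    """Clear only the file table, leaving every data sector as it was."""
    with open(path, "r+b") as image:
        image.write(b"\x00" * SECTOR)
        image.flush()
        os.fsync(image.fileno())


def wipe(path, patterns=("zeros", "random")):
    """Overwrite every byte of the image once per pattern, flushing after each pass."""
    size = os.path.getsize(path)
    with open(path, "r+b") as image:
        for pattern in patterns:
            if pattern not in ("zeros", "random"):
                raise ValueError(f"unknown pattern: {pattern}")
            image.seek(0)
            remaining = size
            while remaining:
                chunk = min(remaining, 64 * SECTOR)
                image.write(b"\x00" * chunk if pattern == "zeros" else os.urandom(chunk))
                remaining -= chunk
            image.flush()
            os.fsync(image.fileno())


def remnant_offsets(path, needle=MARKER):
    """Verification pass: byte offsets at which the old data can still be read."""
    with open(path, "rb") as image:
        data = image.read()
    offsets, position = [], data.find(needle)
    while position != -1:
        offsets.append(position)
        position = data.find(needle, position + 1)
    return offsets


def demo():
    with tempfile.TemporaryDirectory() as folder:
        path = os.path.join(folder, "disk.img")
        build_image(path)
        quick_format(path)
        after_format = remnant_offsets(path)
        wipe(path)
        after_wipe = remnant_offsets(path)
        return after_format, after_wipe, os.path.getsize(path)


if __name__ == "__main__":
    print(demo())
```

After the quick format the marker is still readable at the start of sector 10; after the wipe the verification pass finds nothing and the image is the same size, ready for reuse.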


LOW LEVEL FORMAT 


Most disk vendors supply tools to reset a disk to its factory condition. These are often 
described as low level format tools and will have the same sort of effect as disk 
wiping software. A "proper" low level format creates cylinders and sectors on the disk. 
This can generally only be done at the factory. The disk utilities just clean data from 
each sector; they don't re-create the sector layout. 


Note: Check with the drive vendor for more information. For example, Seagate describe 
the tools available at knowledge.seagate.com/articles/en_US/FAQ/203931en. 


Activity 15-3


Discussing Physical Security Measures 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Katie works in a high-security government facility. When she comes to work in the 
morning, she places her hand on a scanning device in her building's lobby, which 
reads her hand print and compares it to a master record of her hand print in a
database to verify her identity. 


What type of security control is this? 


2. Why might an ID badge not be restricted to use at doors and gateways? 


3. What sort of information should be recorded on an entry control roster? 


4. What is a server lock? 


5. What type of device would a privacy screen be used to protect? 


6. What three methods of mechanically destroying a hard disk are most 
effective? 


Summary


In this lesson, you explored general security concepts. Every organization will have 
different security requirements based on the type of business they conduct. It is your 
job to understand those requirements and know how security controls should be 
implemented to directly support those needs. 


What physical security controls have been employed at organizations where you 
have worked? 


What steps has your organization taken to ensure the security of mobile devices? 
Have you planned ahead in case the devices are lost or stolen? If so, how? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 


Lesson 16


Securing Workstations and Data 


LESSON INTRODUCTION 


Ensuring the security of information processing systems isn't an easy job. Sources of vulnerabilities 
and weaknesses can seem as limitless as the range of threats and attackers poised to try to take 
advantage of them. As a CompTIA® A+® PC technician, you need to make yourself aware of the 
latest developments and best practices to use to secure systems. 


In thinking about securing those systems, you also need to be aware that your focus cannot just be 
on the devices or even the users. The data processed by those devices and users is typically the 
asset that an attacker will be after. Being able to classify and identify data types and know why 
certain types pose high risks is essential to implementing effective security measures. 


LESSON OBJECTIVES 


In this lesson, you will: 
* Use security best practices to secure a workstation.
* Implement data protection policies.
* Describe data protection processes during incidents.


Topic A


Implement Security Best Practices 


EXAM OBJECTIVES COVERED 

1002-2.2 Explain logical security concepts.
1002-2.3 Compare and contrast wireless security protocols and authentication methods. 
1002-2.7 Given a scenario, implement security best practices to secure a workstation. 


You have seen how logical and physical security controls can be deployed together in 
an access control system. In this topic, we will focus on best practices regarding 
authentication and authorization. You need to make sure that the devices attached to 
your network are only being operated by authorized users. To ensure that, you have to 
use policies and technologies effectively to protect their account credentials. 


AUTHENTICATION 


Workstation security is ensured by following best practices. As you have seen, best 
practices can include things like using antivirus software, configuring a firewall, 
configuring execution control, and using patch management procedures. These 
controls are very important but the cornerstone of effective security is an access 
control system. Accounts on the computer system are configured with permissions to 
access resources and (for privileged accounts) rights to change the system 
configuration. To access an account, the user must authenticate by supplying the 
correct credentials, proving that he or she is the valid account holder. 


The validity of the whole access control system depends on the credentials for an 
account being known to the account holder only. The format of the credentials is called 
an authentication factor. There are many different authentication factors. They can 
be categorized as something you know (such as a password), something you have (such 
as a smart card), or something you are (such as a fingerprint). Each has advantages and
drawbacks. 


SOMETHING YOU KNOW: STRONG PASSWORDS 


The typical "something you know" factor is the logon, which comprises a username
and a password. The username is typically not a secret (though it's wise to share it as
little as possible), but the password must be known only by a single user.


For a system to be secure against attack, strong passwords are required. Hackers often
use dictionary files containing popular words and phrases, or they may investigate the
background of their target to look for likely passwords. Once a hacker obtains a
password, she or he can gain access to a system posing as that person.


The following rules make passwords difficult to guess:

* A longer password is more secure—between 8 and 14 characters is suitable for an
ordinary user account. Administrative accounts should have longer passwords.

* No single words—better to use word and number/punctuation combinations.

* No obvious phrases in a simple form—birthday, username, job title, and so on.

* Mix upper and lowercase.

* Use an easily memorized phrase—underscored characters or hyphens can be used
to represent spaces if the operating system does not support these in passwords.

* Do not write down a password or share it with other users.

* Change the password periodically.


The main problem with passwords is that they are prone to user error: selecting weak
passwords, writing them down, and so on. Some types of behavior can be improved by
system policies.


Another concern is password management. A typical user might be faced with having
to remember dozens of logons for different services and resort to using the same
password for each. This is insecure, as your security becomes dependent on the
security of these other (unknown) organizations. In a Windows domain, the password
management problem can be mitigated by applications that are compatible with the
Kerberos authentication mechanism used by the domain. This is referred to as single
sign on. Users must also be trained to practice good password management—at the
least not to re-use work passwords on websites they access in a personal capacity.


Another instance of "something you know" authentication is a password reset 
mechanism, where to authorize the reset you have to answer with some personal 
information (childhood friend, city or town of birth, and so on). 


BIOS/UEFI PASSWORDS 


A system user password is one that is required before any operating system can boot. 
The system password can be configured by the BIOS or UEFI firmware setup program. 
A BIOS user password is shared by all users and consequently very rarely configured. It 
might be used to provide extra security on a standalone computer that does not often 
require user logon, such as a computer used to manage embedded systems. A PC with 
UEFI firmware may support pre-boot authentication. This means that the system loads 
an authentication application to contact an authentication server on the network and 
allow the user to submit the credentials for a particular user account. 


Note: The system user password just allows the computer to proceed with the boot
process. A system/supervisor password protects access to the firmware system setup
program. Configuring a user password requires a supervisor password to be set, too.


SOMETHING YOU HAVE: SMART CARDS AND TOKENS 


There are various ways to authenticate a user based on something they have (a token). 
A smart card contains a chip that stores the user's account details in a digital 
certificate. The logon provider uses the certificate to decide if it should trust the card 
and ensure secure transmission of the credentials. The card must be presented to a 
card reader before the user can be authenticated. The user must typically also input a 
PIN or biometric scan. This prevents misuse of lost or stolen cards. It is also possible 
for the data to be read wirelessly (contactless cards), via Radio Frequency 
Identification (RFID). 


Another token-based technology is the SecurID token, from RSA. A key fob generates a 
random number code synchronized to a code on the server. The code changes every 
60 seconds or so. This is an example of a one-time password. 


Key fob token generator. (Image © 123RF.com.)


The main concerns with token-based technologies are loss and theft and the chance 
that the device can be faked. There are also equipment and maintenance costs. 


SOMETHING YOU ARE: BIOMETRICS 


Something you are means employing some sort of biometric recognition system. Many 
types of biometric information can be recorded, including fingerprint patterns, 
signature recognition, iris or retina recognition, or facial recognition. 


The chosen biometric information (the template) is scanned and recorded in a 
database. When the user wants to access a resource, he or she is re-scanned and the 
scan compared to the template. If they match, access is granted. 


The main problems with biometric technology are that users find it intrusive and 
threatening to privacy, setup and maintenance costs, and the chance that the 
confirmation scan could be spoofed. For example, a facial recognition scan could be 
fooled by using a photo of the subject. Biometrics can also be prone to false negatives 
and false positives. A false negative occurs when the system denies entry when it 
should allow it. A false positive occurs when the system grants entry when it should 
deny it. 


MULTIFACTOR AUTHENTICATION 


An authentication technology is considered "strong" if it combines the use of more 
than one type of factor (multifactor). Single factor authentication systems can quite 
easily be compromised: a password could be written down or shared, a smart card 
could be lost or stolen, and a biometric system could be subject to high error rates. 


Two-factor authentication combines something like a smart card or biometric 
mechanism with "something you know," such as a password or PIN. Three-factor 
authentication combines all three technologies. An example of this would be a smart 
card with integrated thumb- or fingerprint reader. This means that to authenticate, the 
user must possess the card, the user's fingerprint must match the template stored on 
the card, and the user must input a PIN. 


Note: Multifactor authentication requires a combination of different technologies. For 
example, requiring a PIN along with Date of Birth may be stronger than entering a PIN 
alone, but it is not multifactor. 


SOFTWARE TOKENS 


Most networks and services require users to authenticate before providing access. The 
problem is that the user does not want to have to submit his or her credentials every 
time he or she performs an action. The user expects the system to remember that they 
have authenticated already. To accommodate this, the system grants a software token 
to the device or app that the user used to authenticate with. Whenever the user 
submits a request, the app submits the authorization token as proof that the user is 
authenticated. 


If the token system is not designed securely, any third party that is able to obtain the 
token from the user's device or capture it as it is transmitted over the network will be 
able to act as that user. This is called a replay attack. 


Token-based authorization is used on Single Sign On (SSO) networks. One example is 
the Kerberos authentication and authorization system used for Windows domain 
logon. On the web, tokens can be implemented using cookies, but JavaScript Object 
Notation (JSON) Web Tokens (JWT) are now more popular. Software tokens can use 
digital signing to prove the identity of the issuing server. Tokens should also be 
designed with mechanisms to prevent replay. This could mean issuing them as "use 
once" or time-limiting them. 
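
The signing, time-limiting, and "use once" measures described above can be combined in one token format. The following Python code is an added example, not part of the course material: HMAC-SHA256 stands in for the issuing server's signature, and the TokenService class, the claim names (sub, exp, jti), and the demo key are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time


class TokenError(Exception):
    """Raised when a presented token must not be trusted."""


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


class TokenService:
    """Issues signed tokens that expire and can be redeemed only once."""

    def __init__(self, key: bytes, ttl_seconds: int = 300):
        self._key = key            # secret known only to the issuing server
        self._ttl = ttl_seconds    # time limit applied to every token
        self._redeemed = {}        # token id -> expiry time, for replay checks

    def _sign(self, body: str) -> bytes:
        mac = hmac.new(self._key, body.encode("utf-8"), hashlib.sha256).digest()
        return b64url_encode(mac).encode("ascii")

    def issue(self, user: str, now=None) -> str:
        now = int(time.time()) if now is None else now
        claims = {"sub": user, "exp": now + self._ttl, "jti": secrets.token_hex(16)}
        body = b64url_encode(json.dumps(claims, sort_keys=True).encode("utf-8"))
        return body + "." + self._sign(body).decode("ascii")

    def redeem(self, token: str, now=None) -> str:
        now = int(time.time()) if now is None else now
        body, sep, sig = token.partition(".")
        # 1. Signature: proves the issuing server created these exact claims.
        #    compare_digest avoids leaking how many characters matched.
        if not sep or not hmac.compare_digest(sig.encode("utf-8"), self._sign(body)):
            raise TokenError("bad signature")
        claims = json.loads(b64url_decode(body))
        # 2. Time limit: a captured token is useless once it has expired.
        if now >= claims["exp"]:
            raise TokenError("expired")
        # 3. Use once: remember redeemed ids until their tokens expire anyway.
        self._redeemed = {j: e for j, e in self._redeemed.items() if e > now}
        if claims["jti"] in self._redeemed:
            raise TokenError("replayed")
        self._redeemed[claims["jti"]] = claims["exp"]
        return claims["sub"]


def demo():
    """Present a token once, replay it, and present another one too late."""
    svc = TokenService(b"constructed-demo-key", ttl_seconds=60)
    token = svc.issue("alice", now=1000)
    late = svc.issue("bob", now=1000)
    outcomes = []
    for label, presented, when in [
        ("first use", token, 1010),
        ("replayed copy", token, 1011),
        ("presented after expiry", late, 1060),
    ]:
        try:
            outcomes.append((label, "accepted for " + svc.redeem(presented, when)))
        except TokenError as exc:
            outcomes.append((label, "rejected: " + str(exc)))
    return outcomes


if __name__ == "__main__":
    for row in demo():
        print(row)
```

The replay check only works if every server that accepts the token shares the list of redeemed ids; the time limit bounds how long that list has to be kept.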


REMOTE AUTHENTICATION 


Enterprise networks and ISPs potentially need to support hundreds or thousands of 
users and numerous different remote and wireless access technologies and devices. 
The problem arises that each access device needs to be configured with authentication 
information, and this information needs to be synchronized between them. 


RADIUS 


A scalable authentication architecture can be developed using RADIUS. RADIUS stands 
for Remote Authentication Dial-in User Service. Under this protocol, Authentication, 
Authorization, and Accounting are performed by a separate server (the AAA server). 
Network access devices, such as routers, switches, wireless access points, or VPN 
servers, function as client devices of the AAA server. Rather than storing and validating 
user credentials directly, they pass this data between the AAA server and the user. 


TACACS+ 

Terminal Access Controller Access Control System Plus (TACACS+) is a similar 
protocol to RADIUS but designed to be more flexible and reliable. TACACS+ was 
developed by Cisco® but is also supported on many of the other third-party and open 
source RADIUS server implementations. Where RADIUS is often used to authenticate 
connections by wireless and VPN users, TACACS+ is often used in authenticating 
administrative access to routers and switches. 


PASSWORD AND ACCOUNT POLICIES 


Despite the availability of multifactor methods, many authentication systems are still 
based on passwords. This means that good password management is a critical 
element of network security. Users can be made to choose strong passwords by 
configuring account policies. There are also more general account policies that can be 
applied to improve security. 


ACCESS CONTROL POLICIES 


Most resources in a computer or network environment are protected from 
unauthorized use by an Access Control List (ACL). An ACL is basically a list of subjects 
(users or computers) and the privileges they have on the object (or resource). ACLs can 
be defined for resources such as files and directories or for network connections (a 
firewall ACL). 


The following policies enforce the use of ACLs and ensure that they are effective: 


* Requiring passwords (mandatory logon)—when Windows is used for home 
computers, local user accounts are allowed to be configured without passwords. In 
a business environment, the security policy will default to requiring the user to sign 
in with a password. 

* Change default admin user—rename default accounts so attackers cannot use 
known account names to access the system. It can make it harder to "hack" a 
computer if the identity of the default administrator or root account is concealed. In 
Windows, this account is disabled by default and replaced with a named account 
created during setup. 

* Change default user passwords—as well as default usernames, appliances ship with 
a default password, such as "admin" or "password." To secure the device, you must 
change this when first setting it up. 

* Disable guest account—the guest account allows limited access to Windows but is 
disabled by default. Keep it disabled to prevent unauthorized access to any shared 
files and folders on the device or system. File permissions can be allocated to the 
Everyone group account and the guest account is a member of Everyone. This might 
be overlooked when configuring permissions as the guest account is not typically 
enabled. 

* Restricting user permissions (least privilege)—least privilege is a basic principle of 
security stating that someone (or something) should be allocated the minimum 
necessary rights, privileges, or information to perform their role. Users can be 
configured either as administrators or standard users. Additionally, User Account 
Control mitigates against exploitation of administrative privileges. 


LOCAL SECURITY POLICY AND GROUP POLICY 

On a standalone workstation, password and account policies can be configured via the 
Local Security Policy snap-in (secpol.msc) or the Group Policy snap-in 
(gpedit.msc). 


Note: These tools are not available on the Basic/Home/Core editions of Windows. 




On a Windows domain network, Group Policy Objects (GPO) can be saved as 
collections of group policy settings. 


PASSWORD PROTECTION POLICIES 


System policies can help to enforce credential management principles by stipulating 
particular requirements for users. Password protection policies mitigate against the 
risk of attackers being able to compromise an account and use it to launch other 
attacks on the network. 


Configuring domain password policy using Group Policy. (Screenshot used with permission from 
Microsoft.) 


The following table provides some examples used by Windows. 


| Policy | Description |
|---|---|
| Minimum password length | A minimum acceptable password length is specified. |
| Password must meet complexity requirements | Enforce password complexity rules—that is, no use of username within password and combination of at least six upper/lower case alpha-numeric and non-alpha-numeric characters. Note that this only applies when passwords are created or changed. Existing passwords are not tested against the policy. |
| Maximum password age | This configures a password expiration policy. When the time limit is reached, the user is forced to change the password. |
| Enforce password history/Minimum password age | This specifies that a unique password must be used when the user changes the password. The system remembers up to 24 previously used passwords so the minimum password age must be set to a value of 1 or greater to make the policy effective (otherwise users can quickly cycle through a number of passwords to get back to choosing an old favorite). |
| User cannot change password | This user account setting stops the user from changing his or her account password. |
| Password never expires | This user account setting can override a system policy set to force a regular password change. |


Note: "Password reuse" can also mean using a work password elsewhere (on a website, 
for instance). Obviously, this sort of behavior can only be policed by "soft" policies. 


ACCOUNT RESTRICTIONS 


To make the task of compromising the user security system harder, account 
restrictions can also be used. These may be specific to a particular user or applied 
globally. 

| Policy | Description |
|---|---|
| Logon Time Restrictions | For each account on the system, access to the server may be restricted to particular times. Periodically, the server checks whether the user has the right to continue using the network. If the user does not have the right, then an automatic logout procedure commences. |
| Station Restrictions | User access to the server can be restricted to a particular workstation or a group of workstations. |
| Concurrent Logons | By default, any user can log on to the domain from multiple workstations. If required, concurrent logons may be restricted to a specific number of connections. |
| Account Expiration Date | Setting an expiration date means that an account cannot be used beyond a certain date. This option is useful for accounts for temporary and contract staff. |
| Disable Account | Once an account is disabled, the user is denied access to the server until the network administrator re-enables the account. |
| Failed Attempts Lockout | The network administrator may specify a maximum number of incorrect logon attempts within a certain period. Once the maximum number of incorrect logons has been reached, the server disables the account. This prevents hackers from trying to gain system access using lists of possible passwords. |


DESKTOP LOCK AND TIMEOUT 


One problem with the logon system is that once logged on, the system trusts the 
workstation implicitly. If a user leaves the workstation unattended, someone else could 
perform actions as though they were that user (a so-called "lunchtime attack"). To 
prevent the possibility of this happening, users should be trained to lock the 
workstation whenever they leave it. The simple means of doing this is to press 
Windows+L (every version of Windows puts the menu option for lock screen in a 
different place). Another way of locking the computer is to set a screensaver-required 
password. The screensaver can be set to timeout and lock the desktop after a set 
period of inactivity (no mouse or keyboard input). The user must then input their 
credentials to resume the session. 


Note: On a domain, a GPO can be configured to enforce the use of password-protected 
screensavers. 


GUIDELINES FOR IMPLEMENTING SECURITY BEST PRACTICES 


Note: All of the Guidelines for this lesson are available as checklists from the Checklist 
tile on the CHOICE Course screen. 


Here are some best practices to follow for implementing security on workstations and 
data. 


IMPLEMENT SECURITY BEST PRACTICES 


Follow these guidelines for implementing security best practices: 


* Consider using multifactor authentication. 

* Create secure passwords. 

* Consider password protecting BIOS/UEFI. 

* Take measures to prevent software tokens from being used in replay attacks. 


* Consider using RADIUS in VPN implementations and TACACS+ for authenticating 
administrative access to routers and switches. 


* Enforce use of ACLs through Local Security Policy or Group Policy Objects. 

* Enforce the use of strong passwords through GPOs. 

* Implement account restrictions to make compromising user security harder. 
* Require users to lock unattended systems. 

* Implement timeouts for unattended systems. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 


Activity 16-1 


Discussing Security Best Practices Implementation 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What constitutes a strong password? 


2. How does a smart card provide authentication? 


3. Why should use of a smart card be protected by a PIN? 


4. What are the drawbacks of biometric authentication technologies? 


5. What type of biometric recognition is most suitable for integrating with a 
laptop computer? 


6. What general methods can be used to prevent a replay attack against a 
software token? 


7. In AAA architecture, what type of device might a RADIUS client be? 


8. What type of account policy can protect against password-guessing attacks? 


Topic B 


Implement Data Protection Policies 


EXAM OBJECTIVES COVERED 

1002-1.6 Given a scenario, use Microsoft Windows Control Panel utilities. 

1002-2.2 Explain logical security concepts. 

1002-2.6 Compare and contrast the differences of basic Microsoft Windows OS security 
settings. 

1002-2.7 Given a scenario, implement security best practices to secure a workstation. 

1002-4.6 Explain the processes for addressing prohibited content/activity, and privacy, 
licensing, and policy concepts. 


An access control system designates which accounts are authorized to view and 
modify which data files or records. In designing security, however, you always have to 
think about what might go wrong. What if an attacker can circumvent the access 
control system somehow? When data that should be kept private is breached, it is 
almost impossible to recover and re-secure. As a CompTIA A+ technician, it is 
imperative that you be able to recognize confidential and sensitive data types and 
understand the mechanisms that can be deployed to keep data secure. 


DATA POLICIES 


Most organizations process private, confidential, and secret information, recorded in 
different kinds of documents or data stores. Document management, or more 
generally Information Content Management (ICM), is the process of managing 
information over its lifecycle, from creation to destruction. At each stage of the 
lifecycle, security considerations are vital. All employees must be trained to identify 
different types of confidential, private, and regulated data and follow all policies and 
security best practices when handling it. 


Most documents go through one or more draft stages before they are published and 
subsequently may be revised and re-published. As a draft or revision, a document will 
be subject to a workflow, which describes how editorial changes are made and 
approved. The workflow will specify who are the authors, editors, and reviewers of the 
document. 


As part of the creation process, the document must be classified depending on how 
sensitive it is. Classification restricts who may see the document contents. 

Classification is generally divided into several levels, following military usage: 

* Unclassified—there are no restrictions on viewing the document. 

* Classified (internal use only/official use only)—viewing is restricted to the owner 
organization or to third-parties under a Non-disclosure Agreement (NDA). 

* Confidential—the information is highly sensitive, for viewing only by approved 
persons within the organization (and possibly by trusted third-parties under NDA). 

* Secret—the information is too valuable to permit any risk of its capture. Viewing is 
severely restricted. 

* Top Secret—this is the highest level of classification. 

Confidential, secret, and top-secret information should be securely protected 
(encrypted) for storage and transmission. 


Over its lifecycle, information may change in sensitivity, typically (but not always) 
becoming less sensitive over time. A document may be downgraded to a lower security 
level or eventually declassified. In this circumstance, there needs to be a clear process 
of authorization and notification so that confidentiality is not breached. 


Corporate documents such as accounts information, product designs, and sales plans 
are relatively simple to identify and classify. Companies must also take regard of other 
types of sensitive information, such as Personally Identifiable Information (PII), 
software licenses, and Digital Rights Management (DRM) content. 


Note: While we have discussed documents, the same principles hold for other types of 
information store, such as records in a database. 


PII 


The rise in consciousness of identity theft as a serious crime and growing threat means 
that there is an increasing impetus on government, educational, and commercial 
organizations to take steps to obtain, store, and process Personally Identifiable 
Information (PII) more sensitively and securely. 


PII is data that can be used to identify, contact, or locate an individual or, in the case of 
identity theft, to impersonate them. A social security number is a good example of PII. 
Others include names, date of birth, email address, telephone number, street address, 
biometric data, and so on. 


Some types of information may be PII depending on the context. For example, when 
someone browses the web using a static IP address, the IP address is PII. An address 
that is dynamically assigned by the ISP may not be considered PII. These are the sort of 
complexities that must be considered when laws are introduced to control the 
collection and storage of personal data. 


Employees should be trained to identify PII and to handle personal or sensitive data 
appropriately. This means not making unauthorized copies or allowing the data to be 
seen or captured by any unauthorized persons. Examples of treating sensitive data 
carelessly include leaving order forms with customers’ credit card details on view on a 
desk, putting a credit card number in an unencrypted notes field in a customer 
database, or forwarding an email with personal details somewhere in the thread. 


Note: In the European Union (EU), personal data is subject to Data Protection laws, 
recently updated by the General Data Protection Regulation (GDPR) framework, which 
make data handlers responsible for compliant collection and storage of personal 
information. The US does not have comparable legislation though it does operate a 
"Privacy Shield" scheme for US companies exchanging data with EU ones. While there is 
no single "data protection" law in the US, there are various Federal and state-level 
statutes that impact privacy and data collection/processing. 


PII may also be defined as responses to challenge questions, such as "What is your 
favorite color/pet/movie?" PII is often used for password reset mechanisms and to 
confirm identity over the telephone. Consequently, disclosing PII inadvertently can lead 
to identity theft. 


PROTECTED HEALTH INFORMATION (PHI) 


Protected Health Information (PHI) refers to medical and insurance records, plus 
associated hospital and laboratory test results. PHI may be associated with a specific 
person or used as an anonymized or de-identified data set for analysis and research. 
An anonymized data set is one where the identifying data is removed completely. A 
de-identified data set contains codes that allow the subject information to be 
reconstructed by the data provider. PHI trades at high values on the black market, 
making it an attractive target. Criminals would seek to exploit the data for insurance 
fraud or possibly to blackmail victims. PHI data is highly sensitive and unrecoverable. 
Unlike a credit card number or bank account number, it cannot be changed. 
Consequently, the reputational damage that would be caused by a PHI data breach is 
huge. 


PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS) 


There are also industry-enforced regulations mandating data security. A good example 
is the Payment Card Industry Data Security Standard (PCI DSS) governing 
processing of credit card and other bank card payments. It sets out protections that 
must be provided if cardholder data—names, addresses, account numbers, and card 
numbers and expiry dates—is stored. It also sets out sensitive authentication data, 
such as the CV2 confirmation number or the PIN used for the card (not that the 
cardholder should ever divulge that to a third party). 


Regulations such as PCI DSS have specific cybersecurity control requirements; others 
simply mandate "best practice," as represented by a particular industry or 
international framework. Frameworks for security controls are established by 
organizations such as the National Institute of Standards and Technology (NIST). 


ACLs AND DIRECTORY PERMISSIONS 


It's easy to overlook the fact that the most important part of a computer system is the 
data stored on it. A computer is just a tool and is relatively easy to replace. Data could 
represent days, months, or years of work. Data can be protected against unauthorized 
access, modification, or deletion by several mechanisms. 


A permission is a security setting that determines the level of access a user or group 
account has to a particular resource. Permissions can be associated with a variety of 
resources, such as files, printers, shared folders, and network directory databases. 
Permissions can typically be configured to allow different levels of privileges, or to 
deny privileges to users who should not access a resource. 


A permission is usually implemented as an Access Control List (ACL) attached to each 
resource. The ACL contains a number of Access Control Entries (ACE), which are 
records of subjects and the permissions they hold on the resource. A subject could be 
identified in a number of ways. On a network firewall, subjects might be identified by 
MAC address, IP address, and/or port number. In the case of directory permissions in 
Windows, each user and security group account has a unique Security ID (SID). 


Recall that in Windows, there are two systems of permissions: 


* File-system permissions enforced by NTFS allow the object owner to set access 
control to individual files and folders. File-level permissions will prevent any 
unauthorized access to a file or folder both across the network and locally by 
prompting all users, including the user who created the file, to enter the correct 
user name and password for access. 

* Share-level permissions only apply when a folder is accessed over a network 
connection. They offer no protection against a user who's logged on locally to the 
computer or server containing the shared resource. 


Having separate permissions at the share level and file level is unique to Windows 
environments. In Linux, the same set of read, write, and delete permissions are valid at 
both the local level and across the network. 


DATA ENCRYPTION 


When data is hosted on a file system, it can be protected by the operating system's 
security model. Each file or folder can be configured with an Access Control List (ACL), 
describing the permissions that different users (or user groups) have on the file. These 
permissions are enforced only when the OS mediates access to the device. If the disk is 
exposed to a different OS, the permissions could be overridden. To protect data at-rest 
against these risks, the information stored on a disk can be encrypted. 


FILE/FOLDER ENCRYPTION (EFS) 


One approach to encrypting file system data is to apply encryption to individual files or 
folders. The Encrypting File System (EFS) feature of NTFS supports file and folder 
encryption. EFS is only available to use with professional/enterprise editions of 
Windows. 


Without strong authentication, encrypted data is only as secure as the user account. If 
the password can be compromised, then so can the data. The user's password grants 
access to the key that performs the file encryption and decryption. 


There is also the chance of data loss if the key is lost or damaged. This can happen if 
the user's profile is damaged, if the user's password is reset by an administrator, or if 
Windows is reinstalled. It is possible to back up the key or (on a Windows domain) to 
set up recovery agents with the ability to decrypt data. 


To apply encryption, open the file's or folder's property sheet and select the Advanced 
button. Check the Encrypt contents box, then confirm the dialog boxes. 




Applying encryption to a folder using EFS. (Screenshot used with permission from Microsoft.) 


Folders and files that have been encrypted can be shown with green color coding in 
Explorer. Any user other than the one that encrypted the file will receive an "Access 
Denied" error when trying to browse, copy, or print the file. 


A file that has been encrypted cannot be opened by other users—even administrators. (Screenshot 
used with permission from Microsoft.) 


FULL DISK ENCRYPTION 


An alternative to file encryption is to use a Full Disk Encryption (FDE) product. The 
BitLocker disk encryption product is built into Windows Enterprise editions and is 
available with Windows 7 Ultimate, Windows 8 Pro, and Windows 10 Professional. 




Configuring BitLocker and BitLocker To Go via the Control Panel. (Screenshot used with permission 
from Microsoft.) 


Disk encryption carries a processing overhead but modern computers usually have 
processing capacity to spare. It is particularly useful for mobile devices, such as 
laptops, and removable drives. The main advantage is that it does not depend on the 
user to remember to encrypt data so mitigates the risk of data loss in the case of the 
theft or loss of the device. Disk encryption also encrypts the swap file, print queues, 
temporary files, and so on. 


BitLocker® can be used with any volumes on fixed (internal) drives. It can also be used 
with removable drives in its BitLocker To Go form. 




Removable drive protected with BitLocker To Go. (Screenshot used with permission from Microsoft.) 


Note: In older Windows versions (Vista and XP), there was no support for encrypting 
removable drives. BitLocker To Go Reader is a standalone application that allows USB 
drives encrypted in Windows 7 or later to be read in Windows XP or Windows Vista. This 
gives the user read-only access to the files on the drive. They can be copied but this 
removes the encryption from the copies. 


When the data is encrypted, the user must have access to the encryption key to access 
it. Some disk encryption products, including BitLocker, can make use of a Trusted 
Platform Module (TPM) chip in the computer to tie use of a hard disk to a particular 
motherboard. The TPM is used as a secure means of storing the encryption key and to 
ensure the integrity of the OS used to boot the machine. Alternatively, the key could be 
stored on a removable smart card or on a USB stick. The computer's firmware must 
support booting from USB for the last option to work. 


Note: The TPM must be configured with an owner password (often the system password 
set in firmware). You can manage TPM settings from Windows using the TPM 
Management snap-in (select TPM Administration from the BitLocker applet). 


During BitLocker setup, a recovery key is also generated. This should be stored on 
removable media (or written down) and stored securely (and separately from the 
computer). This key can be used to recover the encrypted drive if the startup key is 
lost. 


DATA LOSS PREVENTION (DLP) 


In a workplace where mobile devices with huge storage capacity proliferate and high 
bandwidth network links are readily available, attempting to prevent the loss of data by 
controlling the types of storage device allowed to connect to PCs and networks can be 
impractical. Another option is to use policies or software to prevent data "leakage" or 
loss by focusing on the data files. 


Users must of course be trained about document confidentiality and make sure that 
they are aware of the insecurity of unencrypted communications. This should also be 
backed up by Human Resources (HR) and auditing policies that ensure staff are 
trustworthy. "Soft" measures such as these do not protect against user error or insider 
threats, however. 


Data Loss Prevention (DLP) products scan content in structured formats, such as a 
database with a formal access control model, or unstructured formats, such as email 
or word processing documents. DLP software uses some sort of dictionary database or 
algorithm (regular expression matching) to identify confidential data. The transfer of 
content to removable media, such as USB devices, or by email, IM, or even social 
media, can then be blocked if it does not conform to a predefined policy. 


Such solutions will usually consist of the following components: 


* Policy server—to configure confidentiality rules and policies, log incidents, and 
compile reports. 

* Endpoint agents—to enforce policy on client computers, even when they are not 
connected to the network. 

* Network agents—to scan communications at network borders and interface with 
web and messaging servers to enforce policy. 
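
As an added illustration (not part of the course text or any vendor's product), the following Python example shows how a DLP endpoint agent could combine regular expression matching, checksum validation, and a dictionary to classify content, and then apply a per-channel policy. The rule names, channel names, policy table, and sample document are assumptions constructed for this example.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

ALL_RULES = frozenset({"us_ssn", "payment_card", "dictionary"})

# Hypothetical policy: rule hits that block a transfer on each channel.
POLICY = {
    "usb": ALL_RULES,
    "email_external": ALL_RULES,
    "email_internal": frozenset({"payment_card"}),
}

# Dictionary matching: phrases that mark a document as confidential.
DICTIONARY = ("company confidential", "internal use only")

SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
# 13 to 19 digits, optionally separated by single spaces or hyphens.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

# Constructed sample content (no real personal data).
SAMPLE_DOC = (
    "Payroll export - company confidential\n"
    "Employee: J. Example  SSN: 123-45-6789\n"
    "Card on file: 4111 1111 1111 1111\n"
    "Order ref: 1234 5678 9012 3456\n"
    "Ticket id: 000-12-3456\n"
)


@dataclass(frozen=True)
class Finding:
    rule: str
    excerpt: str  # masked, so the incident log does not leak the data itself


def _mask(value: str) -> str:
    digits = [c for c in value if c.isdigit()]
    return "*" * (len(digits) - 4) + "".join(digits[-4:])


def _valid_ssn(area: str, group: str, serial: str) -> bool:
    """Reject number ranges that are never issued as SSNs."""
    if area in ("000", "666") or area >= "900":
        return False
    return group != "00" and serial != "0000"


def _luhn_ok(number: str) -> bool:
    """Luhn checksum carried by payment card numbers."""
    total = 0
    digits = [int(c) for c in number if c.isdigit()]
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def scan(text: str) -> list[Finding]:
    """Return one Finding per validated match; pattern-only matches are dropped."""
    findings = []
    for m in SSN_RE.finditer(text):
        if _valid_ssn(*m.groups()):
            findings.append(Finding("us_ssn", _mask(m.group())))
    for m in CARD_RE.finditer(text):
        if _luhn_ok(m.group()):
            findings.append(Finding("payment_card", _mask(m.group())))
    lowered = text.lower()
    for term in DICTIONARY:
        if term in lowered:
            findings.append(Finding("dictionary", term))
    return findings


def decide(text: str, channel: str) -> tuple[str, list[Finding]]:
    """Apply the policy for a transfer channel; unknown channels fail closed."""
    blocked_rules = POLICY.get(channel, ALL_RULES)
    hits = [f for f in scan(text) if f.rule in blocked_rules]
    return ("block" if hits else "allow", hits)
```

The validation steps are what keep false positives down: the order reference and ticket id in the sample match the patterns but fail the checksum and range checks, so they are not reported.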




Creating a Data Loss Prevention policy in Office 365. Used with permission from Microsoft. 


SOFTWARE LICENSING AND DRM 


As well as managing use of confidential and sensitive data, you need to consider 
methods for identifying and removing prohibited content. The acceptable use policies 
built into most employee contracts will prohibit the abuse of Internet services to 
download games or obscene content. Employees should also avoid using work 
accounts for personal communications. 


Prohibited content also extends to the installation and use of software. When you buy 
software, you must accept the license governing its use, often called the End User 
License Agreement (EULA). The terms of the license will vary according to the type of 
software, but the basic restriction is usually that the software may only be installed on 
one computer. 


The software is often activated using a product key, which will be a long string of 
characters and numbers printed on the box or disk case. The product key will generate 
a different product ID, which is often used to obtain technical support. The product ID 
is displayed when the application starts and can be accessed using the About option 
on the Help menu. 


A company may have hundreds of employees who need the same software on their 
computers. Software manufacturers do not expect such companies to buy individual 
copies of the software for each employee. Instead, they will issue a license for multiple 
users, which means that the company can install the software on an agreed number of 
computers for their employees to use. 


If a site has a large number of computers, these computers are often networked. This 
means that software bought under license can be installed onto a network server so 
that all authorized users can access it without it being installed on each individual 
computer. 


Consider the example of Microsoft Windows. Windows is commercial software, 
meaning it must be paid for. A condition of installing Windows is accepting the EULA. 
Microsoft requires you to activate Windows when you install it, which helps them to 
verify that you are not breaking the terms of the license. There are several different 
types of license, summarized here: 


* Original Equipment Manufacturer (OEM)—this is for pre-installed versions of 
Windows sold with new PCs. The license is not transferable and the software may 
not be installed on a different PC. 

* Retail—these personal licenses are subdivided into Full and Upgrade versions of 
software. The software may be transferred between computers but may only be 
installed on one computer at any one time. Upgrade versions require a valid license 
and setup media for a qualifying upgrade product. 

* Volume—these enterprise licenses are schemes to simplify license administration 
in larger organizations and businesses. 

* Server—licensing for servers is different from licensing desktop software. As well as 
a license for the software installed on the server, Client Access Licenses (CAL) are 
required, based on the number of clients accessing the software services. CALs can 
be sold per server (limiting the number of simultaneous accesses) or per seat 
(specifying each unique device or user). 


It is illegal to use or distribute unauthorized copies of software (pirate copies). Pirated 
software often contains errors and viruses as well. Enterprises need monitoring 
systems to ensure that their computers are not hosting unlicensed or pirated software. 


SHAREWARE, FREEWARE, AND OPEN SOURCE APPLICATIONS 


Shareware, freeware, and open source licenses are ways of distributing 
applications that differ from commercial software: 


* Shareware is software that you can install free of charge so that you can evaluate it 
for a limited period. If you decide to continue using the software after this period, 
you must register it, usually for a fee. When you register the software you often 
become entitled to extra features and support. 


* Freeware is software that is available free of charge. 


Note: Even if software is distributed as shareware or freeware, the copyright is still 
held by the publisher or designer. Both shareware and freeware may still be governed 
by a license, which may restrict its use (for example, to prevent commercial use of the 
product or to redistribute or resell it). 


* Open source is software that also makes the program code used to design it 
available. The idea is that other programmers can investigate the program and 
make it more stable and useful. An open source license does not forbid commercial 
use of applications derived from the original, but it is likely to impose the same 
conditions on further redistributions. 


DIGITAL RIGHTS MANAGEMENT (DRM) 


Digital music and video are often subject to copy protection and Digital Rights 
Management (DRM). When you purchase music or video online, the vendor may 
license the file for use on a restricted number of devices. You generally need to use 
your account with the vendor to authorize and deauthorize devices when they change. 
Most DRM systems have been defeated by determined attackers and consequently 
there is plenty of content with DRM security removed circulating. From an enterprise's 
point of view, this is prohibited content and they need monitoring systems to ensure 
that their computers are not hosting pirated content files. 


GUIDELINES FOR IMPLEMENTING DATA PROTECTION POLICIES 


Here are some guidelines to follow regarding data protection policies. 


IMPLEMENT DATA PROTECTION POLICIES 


Follow these guidelines for implementing data protection policies: 


* Classify documents based on how sensitive they are. 

* Protect PII, PHI, and PCI data. 

* Implement permissions as ACLs attached to resources. 

* Use full disk, folder, and file encryption. 

* Implement a data loss prevention policy. 

* Follow all software licensing agreements and DRM. 


Activity 16-2 


Discussing Data Protection Policies 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Why should PII be classed as sensitive or confidential? 


2. What is PHI? 


3. True or false? The encryption applied by EFS can be overridden by the local 
administrator account. 


4. What is the function of a TPM in relation to Windows' BitLocker feature? 


5. You are advising a customer on purchasing security controls. 


What class of security technology prevents users from sending unauthorized 
files as email attachments? 


6. What type of software license is locked to a single hardware device? 


Activity 16-3 


Configuring Data Protection 


BEFORE YOU BEGIN 


You will use accounts within an Active Directory (AD) domain, but you will work 
principally with the PC1 and PC2 VMs. 


SCENARIO 


In this activity, you will look at how file permissions, folder encryption, and disk 
encryption can and cannot protect data on removable and fixed disks. You cannot 
attach USB media to a VM, so you will use a second virtual hard disk (VHD) to simulate 
a removable drive. 


1. Attach a second virtual hard disk to PC1. It does not need to have a large capacity 
(8 GB is fine). 

a) In the Hyper-V Manager, right-click PC1 and select Settings. 
b) Select the SCSI Controller node and then, with Hard Drive selected in the box, select 
the Add button. 
c) Select the New button. 
d) In the wizard, select Next to begin the wizard. 
e) With Dynamically expanding selected, select Next. 
f) In the Name box, type REMOVABLE and in the Location box, type C:\COMPTIA-LABS\TEMP 
and then select Next. 
g) In the Size box, type 8 and then select Finish. 
h) Select the Apply button. 
i) Leave the Settings dialog box open. 


2. Enable the virtual Trusted Platform Module (TPM) for PC1, and eject the product 
disc from the optical drive. 

a) In the Settings dialog box, select the DVD Drive node. 
b) In the Media panel, select None. 
c) In the Settings dialog box, select the Security node. 
d) Check the Enable Trusted Platform Module box. 
e) In the Settings dialog box, select OK. 


3. Start the VMs to create the network. 
You do not need to open connection windows for the VMs unless you are prompted to do so. 

a) In Hyper-V Manager, right-click RT1-LOCAL and select Start. 
b) Right-click DC1 and select Start. 
c) Wait until the DC1 thumbnail shows the logon screen, and then start MS1. 
d) Wait until the MS1 thumbnail shows the logon screen, and then start PC1. Do NOT 
start PC2. 
e) Open a connection window for PC1. 
f) Select the Other user icon. 
g) Sign on using the account 515support\Bobby and password Pa$$w0rd 


4. Initialize the new disk and format it with NTFS. 

a) Right-click Start and select Disk Management. 
b) In the Initialize Disk dialog, select OK. 
c) In the bottom of the window, right-click the Unallocated box on Disk 1 and select 
New Simple Volume. 
d) In the New Simple Volume Wizard, select Next twice to use all the available space 
on the disk. 
e) On the Assign Drive Letter or Path page, from the list box, select R and select Next. 
f) In the File system box, verify that NTFS is selected. 
g) In the Volume label box, type REMOVABLE and select Next. 
h) Select Finish. 
i) Close Disk Management. 


5. Create an UNSECURE folder on the disk, and add some files. 

a) Open File Explorer, and browse to the R: drive's root folder. 
b) Right-click and select New—Folder. Type UNSECURE and press Enter. 
c) Create some files in the UNSECURE folder. 


6. Set NTFS permissions on UNSECURE so that only the Bobby account has access. 
You will use this folder to show that the security properties set here can be overridden. 

a) In File Explorer, browse to the R: drive's root folder. 
b) Right-click the UNSECURE folder and select Properties. 
c) In the UNSECURE Properties dialog box, select the Security tab and then select the 
Advanced button. 
d) In the Advanced Security Settings for UNSECURE dialog box, select the Disable 
inheritance button. 
e) Select Convert inherited permissions into explicit permissions on this object. 




Disabling inherited permissions on a folder. (Screenshot used with permission from 
Microsoft.) 

f) In the Advanced Security Settings for UNSECURE dialog box, select OK. 
g) In the UNSECURE Properties dialog box, select the Edit button. 
h) Select the Add button. 
i) In the Select Users or Groups dialog box, type bobby in the box and select Check 
Names. Select OK. 
j) With the Bobby account selected, in the Permissions for Bobby box, check the box 
for Full control in the Allow column. 
k) Select the Apply button. 
l) In the Group or user names box, select Authenticated Users and then select the 
Remove button. 
m) In the Group or user names box, select Administrators (PC1\Administrators) and 
then select the Remove button. 
n) In the Group or user names box, select Users (PC1\Users) and then select the 
Remove button. 




Edit the permissions entries so that only the Bobby and SYSTEM accounts remain. 
(Screenshot used with permission from Microsoft.) 


o) Select OK. 
p) In the UNSECURE Properties dialog box, select OK. 


7. Create a SECURE folder on the disk, and add some files. 


a) In File Explorer, browse to the R: drive's root folder. Right-click and select 
New—Folder. Type SECURE and press Enter. 


b) Create some files in the SECURE folder. 


8. Apply encryption to the SECURE folder. You will use this folder to demonstrate 
that the information in it can be kept secure, so long as the encryption key is also 
protected. 


a) In File Explorer, browse to the R: drive's root folder. Right-click the SECURE folder and 
select Properties. Select the Advanced button. 
b) Check the Encrypt contents to secure data box, and then select OK. 




Use an object's advanced attributes dialog to apply EFS encryption. (Screenshot used with 
permission from Microsoft.) 

c) In the SECURE Properties dialog box, select the Apply button. 
d) In the Confirm Attribute Changes dialog box, with the Apply changes to this 
folder, subfolders and files option selected, select OK. 

This may take a few minutes. The progress bar will close when complete. 

e) In the SECURE Properties dialog box, select the Advanced button. 
f) Select the Details button and view the information in the dialog box. 




Certificates used by the EFS. (Screenshot used with permission from Microsoft.) 


It shows the thumbprint for the certificate that was used to encrypt the folder. The 
administrator is automatically configured as a recovery agent for the domain 
network, and can recover the user certificate if lost or damaged. 

g) Select Cancel. 
h) In the Advanced Attributes dialog box, select the OK button. 
i) In the SECURE Properties dialog box, select the OK button. 
j) Optionally, select View—Options, select the View tab, then check Show encrypted 
or compressed NTFS files in color and select OK to show color-coding for encrypted 
folders. 


9. Use BitLocker to encrypt the system disk. 

a) Click in the instant search box, and type bitlocker. From the search results, select 
Manage BitLocker. 
b) Under Operating system drive, select Turn on BitLocker. 
c) After the progress bar completes, if necessary, select Next. 
d) Read the warning about backing up files. This is a good idea but you will skip it for this 
activity. Select Next. 
e) After the progress bar completes, select Next. 
f) On the How do you want to back up your recovery key? page, select Save to a file. 
Navigate into the R:\UNSECURE folder and then select Save. 
g) In the BitLocker Drive Encryption wizard, select Next. 
h) On the Choose which encryption mode to use page, select Compatible mode and 
select Next. 
i) With the Run BitLocker system box unchecked, select Start encrypting. 
j) Wait for the C: BitLocker Encrypting message to change to C: BitLocker on. This 
could take up to 40 minutes. Optionally, browse the options available from the TPM 
Administration link while you are waiting. 


10. Shut down PC1, create a checkpoint, and export the VM so you can use the virtual 
disks in another VM. 

a) Shut down the PC1 VM. 
b) In Hyper-V Manager, when the State changes to Off, right-click PC1 and select 
Checkpoint. 
c) In the Checkpoints pane, right-click the new checkpoint, and select Export. 
d) In the Export Virtual Machine dialog box, select Browse. 
e) Select the C:\COMPTIA-LABS\TEMP folder, and then select the Select Folder button. 
f) In the Export Virtual Machine dialog box, select Export. Wait for the Status column 
to clear. 

You might need to scroll right to view the Status column. The export will take about 5 
minutes to complete. 


11. Imagine that PC1 is a laptop that has just been stolen and that the REMOVABLE 
disk is a USB thumb drive that was also in the laptop bag that was pilfered by the 
thief. With PC2 now acting as the thief's computer, what data can be accessed? To 
find out, attach the disks to PC2. 

a) In Hyper-V Manager, right-click PC2 and select Settings. 


b) Select the SCSI Controller node and then, with Hard Drive selected in the box, select 
the Add button. 


c) Select the Browse button, select the C:\COMPTIA-LABS\TEMP\PC1\Virtual Hard 
Disks\PC1.vhdx and then select Open. Select Apply. 


d) Select the SCSI Controller node and then, with Hard Drive selected in the box, select 
the Add button. 


e) Select the Browse button. Select C:\COMPTIA-LABS\TEMP\PC1\Virtual Hard Disks 
\REMOVABLE.vhdx and then select Open. 


f) Select OK. 


12. Start PC2, and use the Admin account to gain access to the UNSECURE folder. 

a) Start the PC2 VM and open a connection window. 
b) When the VM has booted, sign on as .\Admin with the password Pa$$w0rd 
c) If prompted with the AutoPlay dialog box, close the box. 
d) Open Windows Explorer, and select the Computer object. You should see the foreign 
Local Disk with its BitLocker encryption symbol and the REMOVABLE disk. 




Browsing the foreign disks. (Screenshot used with permission from Microsoft.) 


e) Open the REMOVABLE drive (this is shown as drive F: in the screenshot). Open the 
UNSECURE folder. At the You don't currently have permission to access this 
folder warning, select Continue. Read the error message and select Close. 


f) Right-click UNSECURE and select Properties. Select the Security tab. 
g) Select the Continue button. 


h) In the Advanced Security Settings for UNSECURE dialog box, in the Change owner 
to box, select Admin (PC2\Admin). Check the Replace owner on subcontainers and 
objects box. Select OK. 
i) In the Windows Security dialog box, select Yes. Select OK. 
j) Select OK. 
k) Browse the contents of the folder. You should be able to view and modify the files 
you created, but you shouldn't be able to view the recovery key yet. 


13. Now, try to view the encrypted folders and drives. 
a) Browse to the REMOVABLE drive's root folder and open the SECURE folder. 


b) Verify that you can view the folder contents. Try to open a file. If a warning dialog box 
is displayed, select OK or Cancel to close it. 


c) Open the Computer object, and double-click the BitLocker drive. Read the message 
prompting you for the recovery key. Leave this dialog box open. 


14. Try to retrieve the recovery key from the REMOVABLE disk, and use it to gain 
access to the BitLocker volume. 

a) Open the REMOVABLE drive's root folder and the UNSECURE folder. 
b) Right-click the BitLocker Recovery Key file and select Properties. Select the Security 
tab. Examine the permission entry. 

The only reason you don't yet have access to this file is that it was not set to inherit 
permissions from its parent folder. When you took ownership, the full control 
permissions were not applied to this object. But as the new owner, you can change 
the permissions easily. 

c) Select the Edit button. 
d) Select the Add button. Type PC2\Admin in the box and select Check Names. Select 
OK. 
e) In the Permission for BitLocker Recovery Key dialog box, with the Admin account 
selected, check the Full control box in the Allow column. 
f) Select OK. 
g) In the BitLocker Recovery Key properties dialog box, select OK. 
h) Open the BitLocker Recovery Key file. Select the value under Recovery Key and copy 
it. 




Copying the recovery key. (Screenshot used with permission from Microsoft.) 

i) Switch to the BitLocker Drive Encryption dialog box, and select Type the recovery 
key. 
j) Click in the box and press Ctrl+V to paste the key you copied. Optionally, also select 
More Information and verify that the key identification strings match. Select Next. 
k) Observe the message, but just select Finish. 
l) Browse the folders and files in the BitLocker volume. 


As you have seen, for file permissions to be effective, the disk must remain under the 
control of its original OS. This type of permissions system is referred to as 
discretionary, because the security is dependent on ownership. Encryption is 
non-discretionary, but for it to be effective, you must keep the key (or recovery key) 
secure. The recovery key should never be kept in the same physical location as the 
encrypted device. 


15. You need to revert the changes you made and discard the checkpoint you 
created. Please complete these steps carefully to ensure the other activities 
continue to function as expected. 

a) On PC2, from the connection window, select Action—Revert. If you are prompted, 
select the Revert button to confirm. 
b) In Hyper-V Manager, select PC1. In the Checkpoints pane, right-click the Initial 
Config checkpoint and select Apply. In the confirmation dialog box, select Apply. 
c) In the Checkpoints pane, right-click the dated checkpoint and select Delete 
Checkpoint. In the confirmation dialog box, select Delete. 
d) For each of the other VMs that are running, right-click them and select Revert. 
e) On the HOST, in File Explorer, browse to C:\COMPTIA-LABS\TEMP and delete the 
entire contents of the folder. 
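

The point this activity makes, that a recovery key stored on media kept with the encrypted device defeats the encryption, can be checked for with a simple audit. The following Python example is added here and is not part of the course material: it walks a volume and flags files that are named like a saved recovery key or that contain a structurally valid recovery password. The file contents, the sample password, the decoy value, and the function names are constructed for illustration.

```python
from __future__ import annotations

import os
import re
import tempfile

# Recovery password layout: 48 digits in eight hyphen-separated groups of six.
PASSWORD_RE = re.compile(r"(?<![\d-])\d{6}(?:-\d{6}){7}(?![\d-])")
# File name used for the saved key in this activity.
NAME_RE = re.compile(r"^bitlocker recovery key", re.IGNORECASE)

# Constructed sample values (not real keys).
SAMPLE_PASSWORD = "110011-220022-330033-440044-550055-660066-000011-720885"
DECOY_DIGITS = "-".join(["123456"] * 8)


def is_recovery_password(candidate: str) -> bool:
    """Each group of a recovery password is a multiple of 11 whose quotient
    fits in 16 bits, so most random digit strings fail this check."""
    groups = candidate.split("-")
    if len(groups) != 8:
        return False
    return all(
        len(g) == 6 and g.isdigit() and int(g) % 11 == 0 and int(g) // 11 < 65536
        for g in groups
    )


def _read_text(path: str, limit: int = 64 * 1024) -> str:
    """Read the start of a file, accepting UTF-16 (with BOM) or UTF-8 text."""
    with open(path, "rb") as fh:
        raw = fh.read(limit)
    if raw.startswith((b"\xff\xfe", b"\xfe\xff")):
        return raw.decode("utf-16", errors="ignore")
    return raw.decode("utf-8", errors="ignore")


def audit_volume(root: str) -> list[tuple[str, tuple[str, ...]]]:
    """Return (relative path, reasons) for every file that looks like a stored key."""
    findings = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            reasons = []
            if NAME_RE.match(name):
                reasons.append("name")
            try:
                text = _read_text(path)
            except OSError:
                text = ""  # unreadable (an ACL may deny access): the name still counts
            if any(is_recovery_password(m.group()) for m in PASSWORD_RE.finditer(text)):
                reasons.append("content")
            if reasons:
                findings.append((os.path.relpath(path, root), tuple(reasons)))
    return sorted(findings)


def demo() -> list[tuple[str, tuple[str, ...]]]:
    """Build a constructed stand-in for the REMOVABLE volume and audit it."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "UNSECURE"))
        key_file = os.path.join(root, "UNSECURE", "BitLocker Recovery Key EXAMPLE-ID.txt")
        with open(key_file, "w", encoding="utf-16") as fh:
            fh.write("BitLocker Drive Encryption recovery key\nRecovery Key:\n"
                     + SAMPLE_PASSWORD + "\n")
        with open(os.path.join(root, "notes.txt"), "w", encoding="utf-8") as fh:
            fh.write("laptop unlock code " + SAMPLE_PASSWORD + "\n")
        with open(os.path.join(root, "invoice.txt"), "w", encoding="utf-8") as fh:
            fh.write("reference " + DECOY_DIGITS + "\n")
        return audit_volume(root)


if __name__ == "__main__":
    for rel_path, reasons in demo():
        print(rel_path, "->", ", ".join(reasons))
```

Any finding on removable media or on a disk that travels with the encrypted device means the key should be moved to separate, secured storage.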


Topic C 


Protect Data During Incident Response 


EXAM OBJECTIVES COVERED 
1002-4.6 Explain the processes for addressing prohibited content/activity, and privacy, 
licensing, and policy concepts. 


While you hope that security and data handling policies will be sufficient to protect 
your computer systems and networks, you also need to consider the situations where 
those protections fail. To cope with failures of security policy, or attempted breaches of 
policy, organizations need well-rehearsed incident response procedures to investigate 
and remediate the breach. 


As an IT technician, you will often be involved in identifying and reporting security 
incidents and potentially in assisting with investigations and evidence gathering. It is 
important that you understand some of the general principles of effective incident 
response and forensic investigation procedures. 


INCIDENT RESPONSE POLICIES 


In the course of performing technical support, you may have to report or respond to 
security incidents. A security incident could be one of a wide range of different 
scenarios, such as: 


* A computer or network infected with viruses, worms, or Trojans. 

* An attempt to break into a computer system or network through phishing or an 
"evil twin" Wi-Fi access point. 

* An attempt to damage a network through a Denial of Service (DoS) attack. 

* Users with unlicensed software. 

* Finding prohibited material on a PC—illegal copies of copyrighted material, obscene 
content, or confidential documents that the user should not have access to. 


An incident response policy sets out procedures and guidelines for dealing with 
security incidents. The actions of staff immediately following detection of an incident 
can have a critical impact on these aims, so an effective policy and well-trained 
employees are crucial. Incident response is also likely to require coordinated action 
and authorization from several different departments or managers, which adds a 
further level of complexity. 


SECURITY INCIDENT HANDLING LIFECYCLE 


The NIST Computer Security Incident Handling Guide special publication SP800-61 
identifies the following stages in an incident response lifecycle: 


* Preparation—making the system resilient to attack in the first place. This includes 
hardening systems, writing procedures, and establishing confidential lines of 
communication. It also implies creating incident response resources and 
procedures. 

* Detection and Analysis—determining whether an incident has taken place and 
assessing how severe it might be, followed by notification of the incident to 
stakeholders. 

* Containment, Eradication, and Recovery—limiting the scope and magnitude of 
the incident. The typical response is to "pull the plug" on the affected system, but 
this is not always appropriate. Once the incident is contained, the cause can then be 
removed and the system brought back to a secure state. 

* Post-incident Activity—analyzing the incident and responses to identify whether 
procedures or systems could be improved. It is also imperative to document the 
incident. 


INCIDENT RESPONSE DOCUMENTATION 


A serious incident will be a highly pressured scenario. Without adequate preparation, 
staff will not be able to respond effectively. Without clear policies and guidelines, staff 
discovering and investigating the incident are more likely to make bad decisions. 
Without an incident log, different employees will find it harder to coordinate their 
efforts. If there are no contact lists and lines of communication, information about the 
incident might be disclosed inappropriately, whether that means senior personnel not 
being informed or knowledge of the incident becoming public too early. 


Preparing for incident response means establishing documented policies and 
procedures for dealing with security breaches and the personnel and resources to 
implement those policies. Incident response documentation should also establish clear 
lines of communication, both for reporting incidents and for notifying affected parties 
as the management of an incident progresses. It is vital to have essential contact 
information readily available. Also consider that the incident response personnel might 
require secure, out-of-band communication methods, in case standard network 
communication channels have been compromised. 


As with any type of procedural documentation, this must also be kept up to date with 
changes. The procedures should be reviewed periodically (every few months) but 
events such as staff changes, the deployment of new network or security systems, or 
changes in the legal/regulatory environment should trigger an immediate review of 
incident response documents. 


FIRST RESPONDERS 


An incident is any event that breaches security policy. Of course, this covers a huge 
number and variety of different scenarios. In order to prioritize and manage incidents, 
an organization should develop some method of categorizing and prioritizing them 
(triage), in the same way that troubleshooting support incidents can be logged and 
managed. 


Larger organizations will provide a dedicated Computer Security Incident Response 
Team (CSIRT) as a single point-of-contact for security incidents so that they can be 
reported through the proper channels. 


The members of this team should be able to provide the range of decision making and 
technical skills required to deal with different types of incidents. The team needs a 
mixture of senior decision makers (up to director level) who can authorize actions 
following the most serious incidents, managers, and technicians (who can deal with 
minor incidents on their own initiative). 


When an incident is detected, it is critical that the appropriate person on the CSIRT be 
notified so that they can take charge of the situation and formulate the appropriate 
response (first responder). This means that employees at all levels of the organization 
must be trained to recognize and respond appropriately to actual or suspected 
security incidents. 


It is also wise to provide for confidential reporting so that employees are not afraid to 
report insider threats, such as fraud or misconduct. It may also be necessary to use an 
"out-of-band" method of communication so as not to alert the intruder that his or her 
attack has been detected. 

Note: An employee (or ex-employee) who reports misconduct is referred to as a 
whistleblower. 


When notification has taken place, the CSIRT or other responsible person(s) can 
formulate the response. 


DATA AND DEVICE PRESERVATION 


Computer forensics is the science of collecting evidence from computer systems to a 
standard that will be accepted in a court of law. It is highly unlikely that a computer 
forensic professional will be retained by an organization, so such investigations are 
normally handled by law enforcement agencies. Like DNA or fingerprints, digital 
evidence is mostly latent. Latent means that the evidence cannot be seen with the 
naked eye; rather, it must be interpreted using a machine or process. 


If a forensic investigation is launched (or if one is a possibility), it is important that 
technicians and managers are aware of the processes that the investigation will use. It 
is vital that they are able to assist the investigator and that they not do anything to 
compromise the investigation. In a trial, the defense will try to exploit any uncertainty 
or mistake regarding the integrity of evidence or the process of collecting it. 


COLLECTION OF EVIDENCE 


The first phase of a forensic investigation is collection of evidence. The two principal 
questions here are: 


* What evidence must be collected? 
* How should the evidence be collected? 


Neither question is trivial. A computer system may contain multiple gigabytes (or even 
terabytes) of data, most of which will not be relevant to the incident. Evidence may 
only exist in volatile storage (system or cache RAM). If the computer system is not 
owned by the organization, there is the question of whether search or seizure is legally 
valid. This may also make it difficult for law enforcement agents to begin an 
investigation. For example, if an employee is accused of fraud, you must verify that the 
employee's equipment and data can be legally seized and searched. Any mistake may 
make evidence gained from the search inadmissible. 


The question of "how" is complicated because it is much more difficult to capture 
evidence from a digital "crime scene" than it is from a physical one. As mentioned, 
some evidence will be lost if the computer system is powered off; on the other hand, 
some evidence may be unobtainable until the system is powered off. Additionally, 
evidence may be lost depending on whether the system is shut down or "frozen" by 
suddenly disconnecting the power. 


The general procedure will be as follows: 


1. The crime scene must be thoroughly documented using photographs and ideally 
video and audio. Investigators must record every action they take in identifying, 
collecting, and handling evidence. 


Note: Remember that if the matter comes to trial, the trial could take place months 
or years after the event. It is vital to record impressions and actions in notes. 


2. The investigator should then interview witnesses to establish what they were 
doing at the scene and also to gather information about the computer system. 

3. If possible, evidence is gathered from the live system, including screenshots of 
display screens and the contents of cache and system memory, using forensic 
software tools. It is vital that these tools do nothing to modify the digital data that 
they capture. 

4. Forensic tools are used to make a copy of data on the hard drive(s). This is 
performed using drive imaging rather than file copy methods, so that the copy is 
made at sector level. 

5. A cryptographic hash is made of the collected data. This can be used to prove that 
the digital evidence collected has not been modified subsequently to its collection. 

6. The system is either shut down or powered off. 

7. Depending on the strength of evidence required, the physical drives are then 
identified, bagged, sealed, and labeled using tamper-proof bags. It is also 
appropriate to ensure that the bags have anti-static shielding to reduce the 
possibility that data will be damaged or corrupted on the electronic media by 
Electrostatic Discharge (ESD). Any other physical evidence deemed necessary is 
also "Bagged and Tagged." 


CHAIN OF CUSTODY 


It is vital that the evidence collected at the crime scene conform to a valid timeline. 
Digital information is susceptible to tampering, so access to the evidence must be 
tightly controlled. 


A crucial element of the investigation is that each step is documented and (ideally) 
recorded. This proves that the evidence has been handled correctly and has not been 
tampered with. Once evidence has been bagged, it must not subsequently be handled 
or inspected, except in controlled circumstances. 


A Chain of Custody form records where, when, and who collected the evidence, who 
has handled it subsequently, and where it was stored. The chain of custody must show 
access to, plus storage and transportation of, the evidence at every point from the 
crime scene to the court room. Anyone handling the evidence must sign the chain of 
custody and indicate what they were doing with it. 
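
The hashing step in the collection procedure and the Chain of Custody record described above can be tied together in a short script. The following Python code is an added example, not part of the original course material; the image file name, handler names, and log field names are assumptions made for illustration.

```python
import hashlib
import json
import os
import tempfile
from datetime import datetime, timezone

CHUNK = 1024 * 1024  # read in 1 MiB blocks so a large drive image never sits in RAM


def hash_image(path, algorithm="sha256"):
    """Return the hex digest of a file, read in fixed-size chunks."""
    digest = hashlib.new(algorithm)
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def _entry_digest(entry):
    """Hash every field of a custody entry except its own hash, in a stable order."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def record_event(log, image_path, handler, action, location):
    """Append who/when/where/what plus the image hash to the custody log.

    Each entry stores the previous entry's hash, so editing or removing an
    earlier entry breaks the chain.
    """
    entry = {
        "timestamp": datetime.now(timezone.utc).isoformat(),
        "handler": handler,
        "action": action,
        "location": location,
        "image_sha256": hash_image(image_path),
        "prev_entry_hash": log[-1]["entry_hash"] if log else "",
    }
    entry["entry_hash"] = _entry_digest(entry)
    log.append(entry)
    return entry


def verify(log, image_path):
    """Return a list of problems; an empty list means log and image agree."""
    problems = []
    prev = ""
    for i, entry in enumerate(log):
        if entry["prev_entry_hash"] != prev or entry["entry_hash"] != _entry_digest(entry):
            problems.append(f"entry {i}: custody log altered")
        prev = entry["entry_hash"]
    if log:
        baseline = log[0]["image_sha256"]  # hash taken at collection time
        for i, entry in enumerate(log):
            if entry["image_sha256"] != baseline:
                problems.append(f"entry {i}: image hash differs from collection")
        if hash_image(image_path) != baseline:
            problems.append("image: current hash differs from collection")
    return problems


def demo():
    """Constructed walk-through: collect, hand over, then tamper with log and image."""
    with tempfile.TemporaryDirectory() as tmp:
        image = os.path.join(tmp, "disk0.img")  # stand-in for a sector-level image
        with open(image, "wb") as fh:
            fh.write(b"\x00" * 4096 + b"constructed sample evidence" + b"\xff" * 4096)

        log = []
        record_event(log, image, "A. Tech", "imaged drive", "server room")
        record_event(log, image, "B. Officer", "received for transport", "evidence locker")
        clean = verify(log, image)

        log[0]["handler"] = "Someone Else"  # edit the custody record
        log_tampered = verify(log, image)
        log[0]["handler"] = "A. Tech"       # put the record back

        with open(image, "r+b") as fh:      # change a single byte of the image
            fh.seek(10)
            fh.write(b"\x01")
        image_tampered = verify(log, image)
    return clean, log_tampered, image_tampered


if __name__ == "__main__":
    for label, result in zip(("clean", "log edited", "image edited"), demo()):
        print(f"{label}: {result or 'no problems'}")
```

A hash chain exposes edits to individual entries but not wholesale replacement of the log, so it supplements the signed form rather than replacing it.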

Activity 16-4 


Discussing Data Protection During 
Incident Response 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What is incident reporting? 


2. Why are the actions of a first responder critical in the context of a forensic 
investigation? 


3. What does Chain of Custody documentation prove? 


4. The contract ended recently for several workers who were hired for a specific 
project. The IT department has not yet removed all of those employees' login 
accounts. It appears that one of the accounts has been used to access the 
network, and a rootkit was installed on a server. You immediately contact the 
agency the employee was hired through and learn that the employee is out of the 
country, so it is unlikely that this person caused the problem. 


What actions do you need to take? 

Summary 


In this lesson, you implemented and described many concepts and techniques that can 
be used to establish the desired level of security for data and workstations within an 
organization. Every organization will have different security requirements based on the 
type of business they conduct. It is your job to understand those requirements and 
know how security controls should be implemented to directly support those needs. 


Which security best practices do you feel are the most important? Which are the 
minimum measures that should be taken? Does your organization implement 
good security practices? 


Have you had experience with security incidents such as data breaches? What 
might have been done differently to further protect the data that was put at 
risk? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 

Troubleshooting Workstation Security Issues 


LESSON INTRODUCTION 


For all that you try to configure workstation security according to best practices—securing user 
accounts, installing antivirus software, updating with patches, and encrypting data—there will be 
times when those procedures fail to work properly and you have to deal with malware infection. As 
a CompTIA® A+® PC technician, it is essential that you be able to identify types of malware, the 
symptoms of malware infections, and the steps to take to remove malicious code and prevent it 
from re-infecting computers and networks. 


LESSON OBJECTIVES 


In this lesson, you will: 
* Detect, remove, and prevent malware infections. 


* Troubleshoot common workstation security issues. 

Topic A 


Detect, Remove, and Prevent Malware 


EXAM OBJECTIVES COVERED 
1002-2.4 Given a scenario, detect, remove, and prevent malware using appropriate tools 
and methods. 
1002-3.3 Given a scenario, use best practice procedures for malware removal. 


Malware is a catch-all term to describe malicious software threats and social 
engineering tools designed to vandalize or compromise computer systems. In this 
topic, you will learn to describe different malware threats and operate antivirus 
software to protect the computer against infection and remediate infections. 


COMPUTER VIRUSES AND WORMS 


Computer viruses are programs designed to replicate and spread amongst 
computers. They produce a wide variety of symptoms on a PC and, in extreme cases, 
can cause permanent damage or loss of files. There are several different types of 
viruses, and they are generally classified by the different ways they can infect the 
computer (the vector). For example: 


* Boot sector viruses—these attack the boot sector information, the partition table, 
and sometimes the file system. 

* Firmware viruses—these are targeted against the firmware of a specific 
component, such as the drive controller. Such viruses are often only used in highly 
directed attacks, as the firmware is specific to particular models of drive, the 
firmware code is difficult to obtain and compromise, and executing the firmware 
update without the user realizing it is tricky. 

* Program viruses—these are sequences of code that insert themselves into another 
executable program. When the application is executed, the virus code becomes 
active. 

* Script viruses—scripts are powerful languages used to automate OS functions and 
add interactivity to web pages. Scripts are executed by an interpreter rather than 
self-executing. Most script viruses target vulnerabilities in the interpreter. 

* Macro viruses—these viruses affect Office documents by using the programming 
code that underpins macro functionality maliciously. 


What these types of viruses have in common is that they must infect a host file. That 
file can be distributed through any normal means—on a disk, on a network, or as an 
attachment through an email or instant messaging system. 


Email attachment viruses—usually program or macro viruses in an attached file—often 
use the infected host's electronic address book to spoof the sender's address when 
replicating. For example, Alice's computer is infected with a virus and has Bob's email 
address in her address book. When Carlos gets an infected email apparently sent by 
Bob, it is the virus on Alice's computer that has sent the message. 


Viruses are also categorized by their virulence. Some viruses are virulent because they 
exploit a previously unknown system vulnerability—a "zero-day" exploit. Others 
employ particularly effective social engineering techniques to persuade users to open 
the infected file. An infected email attachment with the subject "I Love You" is one of 
the best examples of the breed. 

While the distinguishing feature of a virus is its ability to replicate by infecting other 
computer files, a virus can also be configured with a payload that executes when the 
virus is activated. The payload can perform any action available to the host process. 
For example, a boot sector virus might be able to overwrite the existing boot sector, an 
application might be able to delete, corrupt, or install files, and a script might be able 
to change system settings or delete or install files. 


WORMS 


Worms are memory-resident malware that replicate over network resources. Unlike a 
virus, a worm is self-contained; that is, it does not need to attach itself to another 
executable file. They typically target some sort of vulnerability in a network application, 
such as a database server. The primary effect of a worm infestation is to rapidly 
consume network bandwidth as the worm replicates. A worm may also be able to 
crash an operating system or server application (performing a Denial of Service attack). 
Also, like viruses, worms can carry a payload that may perform some other malicious 
action (such as installing a backdoor). 


TROJAN HORSES AND SPYWARE 


Other types of malware are not classed as viruses as they do not necessarily try to 
make copies of themselves within another "host" process. They can be just as much of 
a security threat as viruses, however. A Trojan Horse—or, more simply, just "Trojan"— 
is a program (usually harmful) that is packaged as something else. For example, you 
might download what you think is a new game, but when you run it, it also installs a 
keylogger and starts sending a transcript of whatever you type to a host on the 
Internet. There is also the case of rogueware or scareware fake antivirus, where a web 
pop-up displays a security alert and claims to have detected viruses on the computer 
and prompts the user to initiate a full scan, which installs the attacker's Trojan. 


Many Trojans function as backdoor applications. Once the Trojan backdoor is 
installed, it allows the attacker to access the PC, upload files, and install software on it. 
This could allow the attacker to use the computer in a botnet, to launch Denial of 
Service (DoS) attacks or mass-mail spam. Trojans are also used by attackers to conceal 
their actions. Attacks or spam appear to come from the corrupted computer system. 


SPYWARE AND KEYLOGGERS 


Spyware is a program that monitors user activity and sends the information to 
someone else. It may be installed with or without the user's knowledge. Aggressive 
spyware or Trojans known as "keyloggers" actively attempt to steal confidential 
information, for example by recording the keystrokes of a credit card number 
entered into a web form. Another spyware technique is to spawn browser pop-up 
windows to try to direct the user to other websites, often of dubious origin. 

Actual Keylogger—Windows software that can run in the background to monitor different kinds of 
computer activity (opening and closing programs, browsing websites, recording keystrokes, and 
capturing screenshots). (actualkeylogger.com) 


Note: Spyware doesn't have to depend on executable programs installed locally. Script 
and server-side programs on websites can be used to track a user's Internet history 
through use of cookies and information reported to the site by the browser. 


ROOTKITS 

Many Trojans cannot conceal their presence entirely and will show up as a running 
service. Often the service name is configured to be similar to a genuine process to 
avoid detection. For example, a Trojan may use the filename run32d11 (ending in 
two digit ones) to masquerade as run32dll. One class of backdoor that is harder to 
detect is the rootkit. A rootkit is a set of tools designed to gain control of a computer 
without revealing its presence. They are so-called because they execute with root or 
system-level privileges. The general functions of a rootkit will be as follows: 


* Replace key system files and utilities to prevent detection and eradication of the 
rootkit itself. 

* Provide a backdoor channel for the rootkit handler to reconfigure the PC, steal 
information, or install additional spyware or other malware remotely. 

* Evade antivirus software by infecting firmware code. 


Rootkits may also be deployed as part of Digital Rights Management (DRM) and copy 
protection mechanisms. Infamously, Sony released a music player for its Extended 
Copy Protection CDs that also installed a rootkit. 
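
The look-alike service names mentioned at the start of this section (a digit 1 standing in for the letter l) can be flagged automatically when reviewing a process list. The following Python code is an added example, not part of the original course material; it goes slightly beyond the text by also flagging a genuine name running from an unexpected folder. The allowlist, the confusable-character table, and the sample paths are assumptions constructed for illustration.

```python
import ntpath  # parses Windows paths on any OS

# Genuine image name -> folders it is expected to run from (lowercase).
# Illustrative allowlist; a real one would come from a trusted baseline.
EXPECTED = {
    "svchost.exe": {r"c:\windows\system32"},
    "lsass.exe": {r"c:\windows\system32"},
    "rundll32.exe": {r"c:\windows\system32", r"c:\windows\syswow64"},
    "explorer.exe": {r"c:\windows"},
}

# Characters commonly swapped in to imitate a letter (assumed, not exhaustive).
CONFUSABLE = str.maketrans({"1": "l", "I": "l", "|": "l", "0": "o", "5": "s"})


def skeleton(name):
    """Collapse confusable characters so visually similar names compare equal."""
    return name.translate(CONFUSABLE).lower()


def osa_distance(a, b):
    """Edit distance where insert, delete, substitute and adjacent swap each cost 1."""
    rows = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        rows[i][0] = i
    for j in range(len(b) + 1):
        rows[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            rows[i][j] = min(rows[i - 1][j] + 1,
                             rows[i][j - 1] + 1,
                             rows[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                rows[i][j] = min(rows[i][j], rows[i - 2][j - 2] + 1)
    return rows[len(a)][len(b)]


def classify(image_path):
    """Return 'ok', 'unexpected path for X', 'look-alike of X' or 'unlisted'."""
    name = ntpath.basename(image_path)
    folder = ntpath.dirname(image_path).lower()
    lowered = name.lower()
    if lowered in EXPECTED:
        if folder in EXPECTED[lowered]:
            return "ok"
        return f"unexpected path for {lowered}"
    skel = skeleton(name)
    for genuine in EXPECTED:
        target = skeleton(genuine)
        # Same skeleton: character substitution. Distance 1: typo-style variant.
        if skel == target or osa_distance(skel, target) == 1:
            return f"look-alike of {genuine}"
    return "unlisted"


# Constructed sample process list (not taken from a real system).
SAMPLE = [
    r"C:\Windows\System32\svchost.exe",
    r"C:\Windows\System32\svch0st.exe",
    r"C:\Windows\System32\rundl132.exe",
    r"C:\Windows\System32\1sass.exe",
    r"C:\Windows\scvhost.exe",
    r"C:\Users\Public\svchost.exe",
    r"C:\Program Files\Editor\notepad2.exe",
]


def scan(paths):
    """Return {path: verdict} for every entry that is not a clean match."""
    verdicts = {p: classify(p) for p in paths}
    return {p: v for p, v in verdicts.items() if v != "ok"}


if __name__ == "__main__":
    for path, verdict in scan(SAMPLE).items():
        print(f"{verdict:35} {path}")
```

An "unlisted" verdict only means the name is not in the allowlist; it still needs the normal research step before any action is taken.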


RANSOMWARE 

Ransomware is a type of malware that tries to extort money from the victim. One 
class of ransomware will display threatening messages, such as requiring Windows® to 
be reactivated or suggesting that the computer has been locked by the police because 
it was used to view child pornography or for terrorism. This may block access to the 
computer by installing a different shell program but this sort of attack is usually 
relatively trivial to fix. Another class of ransomware attempts to encrypt data files on 
any fixed, removable, and network drives. If the attack is successful, the user will be 
unable to access the files without obtaining the private encryption key, which is held by 
the attacker. If successful, this sort of attack is extremely difficult to mitigate, unless the 
user has up-to-date backups of the encrypted files. 




WannaCry ransomware. Wikimedia Public Domain image. 


Note: Most ransomware will be capable of encrypting removable drives too so backup 
devices should not be left attached routinely. A cloud-based backup might offer a better 
alternative, but if the credentials for the cloud file server are cached, the ransomware is 
likely to be able to encrypt those, too. 


Ransomware uses payment methods such as wire transfer, Bitcoin, or premium rate 
phone lines to allow the attacker to extort money without revealing his or her identity 
or being traced by local law enforcement. 


SOURCES OF MALWARE INFECTION 


There are numerous sources of malware infection, but the main ones are: 

* Visiting "unsavory" websites with an unpatched browser, low security settings, and 
no antivirus software. 

* Opening links in unsolicited email. 

* Infection from another compromised machine on the same network. 

* Executing a file of unknown origin—email attachments are still the most popular 
vector, but others include file sharing sites, websites generally, attachments sent via 
chat/Instant Messaging, AutoRun USB sticks and CDs, and so on. 


* Becoming victim to a "zero-day" exploit (that is, some infection mechanism that is 
unknown to software and antivirus vendors). 

ANTIVIRUS SOFTWARE 


Antivirus software (A-V) uses a database of known virus patterns (definitions) plus 
heuristic malware identification techniques to try to identify infected files and prevent 
viruses from spreading. "Heuristic" means that the software uses knowledge of the 
sort of things that viruses do to try to spot (and block) virus-like behavior. 


Typically, the software is configured to run automatically when a user or system 
process accesses a file. The antivirus software scans the file first and blocks access if it 
detects anything suspicious. 


The user can then decide either to try to disinfect the file, quarantine it (block further 
access), or delete it. Another option might be for the user to ignore the alert (if it is 
deemed a false positive, for instance) and exclude the file from future scans. 


The A-V scanner also runs at boot-time to prevent boot sector viruses from infecting 
the computer. Most types of software can also scan system memory (to detect worms), 
email file attachments, removable drives, and network drives. 


The latest "antivirus" software is usually "anti-malware" software, and includes 
routines and signatures to detect and block Trojans, rootkits, ransomware, and 
spyware. 


Symantec Endpoint Protection malicious software protection. 


Antivirus software can be purchased either as personal security suites, designed to 
protect a single host, or network security suites, designed to be centrally managed 
from a server console. Most antivirus software is designed for Windows PCs and 
networks, as these are the systems targeted by most virus writers, but software is 
available for Linux® and macOS® as well. 


Some of the major vendors are Symantec™ (including the Norton™ brand), McAfee®, 
Trend Micro™, Kaspersky™, ESET® (NOD32®), and Bitdefender™. 


Antivirus updates must be managed as they are made available. Antivirus engine 
updates can include enhancements, bug fixes, or new features being added to the 
software engine, improving the manner in which the software operates. Updates can 
be implemented automatically or manually depending on the software. Automatic 
updating refers to software that periodically downloads and applies updates without 
any user intervention, whereas manual updating means that a user must be involved 
to either initiate the update, download the update, or at least approve installation of 
the update. 


BEST PRACTICES FOR MALWARE REMOVAL 


CompTIA has identified a seven-step best practice procedure for malware removal: 


1. Identify and research malware symptoms. 
2. Quarantine infected systems. 
3. Disable System Restore (in Windows). 
4. Remediate infected systems: 
   * Update anti-malware software. 
   * Scan and use removal techniques (Safe Mode, Pre-installation environment). 
5. Schedule scans and run updates. 
6. Enable System Restore and create restore point (in Windows). 
7. Educate end user. 


These steps are explained in more detail in the remainder of this topic. 


MALWARE RESEARCH 


There are several websites dedicated to investigating the various new attacks that are 
developed against computer systems. Apart from the regular IT magazines, some good 
examples include cert.org, sans.org, schneier.com, and grc.com. The SANS "Top 20" 
critical security controls is one of the most useful starting points (sans.org/top20/). 
Antivirus vendors also maintain malware encyclopedias ("bestiaries") with complete 
information about the type, symptoms, purpose, and removal of viruses, worms, 
Trojans, and rootkits. 




Symantec's Security Response portal showing current threat status, recent viruses and vulnerabilities, 
and search options for the malware database. 


QUARANTINE AND REMEDIATION OF INFECTED SYSTEMS 


Following the seven-step procedure, if symptoms of a malware infection are detected, 
the next steps should be to apply a quarantine, disable System Restore, and then 
remediate the infected system. 

QUARANTINING INFECTED SYSTEMS 


Malware such as worms propagate over networks. This means that one of the first 
actions should be to disconnect the network link. Infected files could have been 
uploaded to network servers or cloud services, though these systems should have 
server-side scanning software to block infected files. 


Move the infected system to a physically or logically secure work area. To remediate 
the system, you might need network access to tools and resources but you cannot risk 
infecting the production network. You should also ensure that the infected computer is 
not used until it has been cleaned up. 


Once the infected system is isolated, the next step is to disable System Restore and 
other automated backup systems, such as File History. If you are relying on a backup to 
recover files infected by malware, you have to consider the possibility that the backups 
are infected, too. The safest option is to delete old system restore points and backup 
copies, but if you need to retain them, try to use antivirus software to determine 
whether they are infected. 


Also consider identifying and scanning any removable media that has been attached to 
the computer. If the virus was introduced via USB stick, you need to find it and remove 
it from use. Viruses could also have infected files on any removable media attached to 
the system while it was infected. 


The main tool to use to try to remediate an infected system will be antivirus software, 
though if the software has not detected the virus in the first place, you are likely to 
have to use a different suite. Make sure the antivirus software is fully updated before 
proceeding. This may be difficult if the system is infected, however. It may be 
necessary to remove the disk and scan it from a different system. 


REMEDIATING INFECTED SYSTEMS 


If a file is infected with a virus, you can (hopefully) use antivirus software to try to 
remove the infection (cleaning), quarantine the file (the antivirus software blocks any 
attempt to open it), or erase the file. You might also choose to ignore a reported 
threat, if it is a false positive, for instance. You can configure the action that software 
should attempt when it discovers malware as part of a scan. 




Configuring scan remediation options. 

Most of the time the software will detect the virus and take the appropriate action. If 
you cannot clean a file, and have a backup copy, use it to restore the file. Check the 
files you restore to make sure that your backups are not infected. 




Detecting and remediating a virus infection. 


Another option is to remove the virus manually. For assistance, check the website and 
support services for your antivirus software. In some cases, you may have to follow a 
further procedure to remove the virus or Trojan Horse: 


* Use Task Manager or taskkill to terminate suspicious processes. 
* Execute commands at a command prompt terminal and/or manually remove 
registry items using regedit. 
* Use msconfig to perform a safe boot or boot into Safe Mode, hopefully 
preventing any infected code from running at startup. 
* Boot the computer using the product disk and use the Windows Recovery 
Environment (WinRE) to run commands from a "clean" command environment. 
* Another option, as mentioned previously, is to remove the disk from the infected 
system and scan it from another system, taking care not to allow cross-infection. 


Note: The CompTIA exam objectives mention the recovery console. This is a precursor 
to WinRE, used by the Windows 2000 and Windows XP versions. Recovery console 
presents a limited subset of the commands normally available at a Windows 
command prompt and does not provide as many tools as WinRE. 


Antivirus software will not necessarily be able to recover data from infected files. Also, 
if a virus does disrupt the computer system, you might not be able to run antivirus 
software anyway and would have to perform a complete system restore. This involves 
reformatting the disk, reinstalling the OS and software (possibly from a system image 
snapshot backup), and restoring data files from a (clean) backup. 


Note: Windows 8 and Windows 10 support a "refresh" reinstallation mode that wipes 
desktop applications but preserves user data files, personalization settings, and Windows 
Store apps. This might be of use in removing malware. 

MALWARE INFECTION PREVENTION 


Once a system has been cleaned, you need to take the appropriate steps to prevent 
re-infection. 


CONFIGURING ON-ACCESS SCANNING 

Almost all security software is now configured to scan on-access. On-access means 
that the A-V software intercepts an OS call to open a file and scans the file before 
allowing or preventing it from being opened. This reduces performance somewhat but 
is essential to maintaining effective protection against malware. 


Note: When configuring antivirus software, it is vital to configure the proper exceptions. 
Real-time scanning of some system files and folders (notably those used by Windows 
Update) can cause serious performance problems. 




Configuring File System Auto-Protect on-access scans. 


Note: Antivirus software depends on services to run properly—make sure that these are 
not disabled. 


CONFIGURING SCHEDULED SCANS 


All security software supports scheduled scans. These scans can impact performance, 
however, so it is best to run them when the computer is otherwise unused. Symantec 
Endpoint Protection performs an "Active Scan" at startup, but the user can define any 
type of scan to run to a schedule of their own choosing. 


You also need to configure the security software to perform malware pattern and 
antivirus engine updates regularly. 




Configuring a scheduled scan. 


DNS CONFIGURATION 

DNS spoofing allows attackers to direct victims away from the legitimate sites they 
were intending to visit and towards fake sites. As part of preventing reinfection, you 
should inspect and re-secure the DNS configuration. 


* Flush the local DNS cache to clear out any potentially malicious entries. In Windows, 
you can use ipconfig /flushdns to do this. 

* Check the HOSTS file for spoofed entries—mappings in the HOSTS file are loaded 
into the DNS cache and can override other name resolution methods, depending on 
how the system is configured. Malware often tries to corrupt the file to insert 
malicious entries. In Windows, the file is stored in 
%SYSTEMROOT%\System32\drivers\etc\hosts. In Linux, it is located in /etc/hosts. These files 
should generally be empty, though there may be commented (#) text. 

* In Windows, check the priority order for name resolution services is set as per 
network policies. The priority order is set in the registry key 
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\ServiceProvider. 

* Validate the DNS resolvers set as primary and secondary in the client's IP 
configuration (use ipconfig /all). 
* Check these local DNS resolver services to make sure they are operating normally 
and are configured according to policy. You may also want to flush the cache on 
these servers. You could also test name resolution with nslookup to compare 
results of queries performed by your local DNS infrastructure with results obtained 
from a trusted Internet DNS provider. Google's public DNS servers (8.8.8.8 and 
8.8.4.4) are quite widely used, for instance. Another option is Quad9, sponsored by 
IBM. Quad9 has a special focus on blocking domains known to host malicious 
content. There is a filtered service (9.9.9.9 and 149.112.112.112) and a non-secured 
service (9.9.9.10 and 149.112.112.10). 

* Check that where you are forwarding queries, these queries are being sent to 
legitimate DNS servers on the Internet. Most organizations use their ISP's servers. 
Ensure that queries are reaching the intended servers and are not being redirected 
to a rogue DNS. 
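
The HOSTS file check in the list above can be scripted. The following Python is an added example, not part of the course material: it parses HOSTS content and reports every active mapping other than the stock localhost entries. The sample file, the BENIGN_NAMES baseline and the approved parameter are assumptions constructed for illustration.

```python
import ipaddress
import os

# Assumed baseline: names a stock HOSTS file may map to a loopback address.
BENIGN_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Constructed sample; the .test names and 203.0.113.50 are documentation values.
SAMPLE_HOSTS = """\
# Constructed HOSTS file for the example
#      127.0.0.1       localhost
127.0.0.1 localhost
::1 localhost
203.0.113.50 www.example-bank.test login.example-bank.test  # two names, one line
0.0.0.0 updates.example.test
127.0.0.1 Portal.Example.TEST
not-an-ip something.test
"""


def hosts_path():
    """Return the HOSTS file location given on this page for Windows or Linux."""
    root = os.environ.get("SYSTEMROOT")
    if root:
        return os.path.join(root, "System32", "drivers", "etc", "hosts")
    return "/etc/hosts"


def parse_hosts(text):
    """Return (line_no, ip, names) for each active line; ip is None if unparsable."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()      # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0].split("%")[0])  # ignore IPv6 zone id
        except ValueError:
            entries.append((line_no, None, fields))
            continue
        entries.append((line_no, ip, [name.lower() for name in fields[1:]]))
    return entries


def audit_hosts(text, approved=()):
    """Report mappings that are neither stock localhost entries nor approved.

    approved: iterable of (ip, name) pairs permitted by local policy, for
    example the machine's own hostname (hypothetical policy input).
    """
    allowed = {(ipaddress.ip_address(ip), name.lower()) for ip, name in approved}
    findings = []
    for line_no, ip, names in parse_hosts(text):
        if ip is None or not names:
            shown = " ".join(names) if ip is None else str(ip)
            findings.append((line_no, "malformed", shown))
            continue
        for name in names:
            if (ip, name) in allowed:
                continue
            if ip.is_loopback and name in BENIGN_NAMES:
                continue
            # A name pinned to the local machine never reaches its real server;
            # any other address sends the client to a host the file chooses.
            sink = ip.is_loopback or ip.is_unspecified
            reason = "local-sink" if sink else "redirected"
            findings.append((line_no, reason, f"{name} -> {ip}"))
    return findings


if __name__ == "__main__":
    try:
        # utf-8-sig strips a byte-order mark if an editor added one
        with open(hosts_path(), encoding="utf-8-sig", errors="replace") as fh:
            content = fh.read()
    except OSError:
        content = SAMPLE_HOSTS
    for line_no, reason, detail in audit_hosts(content):
        print(f"line {line_no}: {reason}: {detail}")
```

Run it before flushing the DNS cache, so that a finding can be removed from the file first and the cache then repopulates from a clean source.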


SOFTWARE FIREWALLS 

If malware was able to run with administrative privileges, it may have made changes to 
the software (host) firewall configuration. An unauthorized port could potentially 
facilitate reinfection of the machine. You should inspect the firewall policy to see if 
there are any unauthorized changes. Consider resetting the policy to the default. 


ENABLING SYSTEM RESTORE 

If you disabled System Restore and automatic backups, you should re-enable them as 
part of the recommissioning process. Create a fresh restore point or system image and 
a clean data backup. As a final step, complete another antivirus scan; if the system is 
clean, then remove the quarantine and return it to service. 


GUIDELINES FOR REDUCING MALWARE EFFECTS 
Note: All of the Guidelines for this lesson are available as checklists from the Checklist 
tile on the CHOICE Course screen. 


Consider the following guidelines to help reduce the effects of malware. 


REDUCE THE RISK AND IMPACT OF MALWARE 


The following guidelines can help reduce the risk and impact of malware: 


* Carry out regular backups that allow data to be recovered, in case of loss due to a 
virus infection. Do not leave the backup device attached to the host. This minimizes 
the risk of the backup files becoming infected. 

* Apply operating system and application security patches. 

* Do not allow users to bring in their own software programs. If necessary, measures 
such as removing (or disabling) removable drives can be used. Windows-based 
systems also allow the administrator to determine who can run new programs, 
install new software, or download files from the web. Use these rights effectively. 

* Install and use an antivirus package. The virus package must be kept up-to-date 
with updated signatures (or definitions), since viruses are continually being 
developed and the latest signatures offer the most protection. 

* Select antivirus software that scans automatically (on-access). This provides much 
more reliable protection against web and email attachment threats. 

* Configure filtering on the messaging server—this will prevent most of the 
unsolicited messages (Spam) arriving at the server from getting to the users' 
mailboxes. 
* Do not log on with administrative privileges except where necessary. Limit 
administrative privileges to a few, selected accounts. Keep passwords for these 
accounts secure. 

* Educate users about not running attachments—and supplement this with 
procedures that will prevent files, such as executables and Office macros, from 
being allowed to run. This could be accomplished (for instance) by only allowing 
digitally signed code to be executed. 

* Audit system events (such as logons) and review logs for unusual activity. 

* Establish a procedure for recovery following virus infection to minimize the spread 
and effect of a virus. 

* Routine procedures, such as applying critical and security patches to the OS and 
applications and updating virus definitions and malware threats in antivirus 
software, should be automated where possible or performed according to a strict 
schedule. 

* Try to find time to monitor security developments so that you are aware of new 
threat types and strategies or "zero-day" vulnerabilities (flaws that have not been 
fixed by a patch). 

* The organization needs to develop and enforce effective policies, backed up by 
disciplinary procedures to supplement training and education programs. The efforts 
of a single support technician are unlikely to make much difference. Training and 
educating can be more problematic, and you may well have to overcome resistance 
from end users accepting responsibility for security. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 
Activity 17-1 


Discussing Detecting, Removing, and 
Preventing Malware Infections 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What are the principal characteristics of Trojan malware? 


2. What general class of malware is crypto-malware an example of? 


3. Why might you need to use a virus encyclopedia? 


4. Why must antivirus software be kept up-to-date regularly? 


5. What type of file scan offers best protection for ordinary users? 


6. What would be the purpose of quarantining an infected file, rather than 
deleting it? 
7. Why is DNS configuration a step in the malware remediation process? 


8. What sort of training should you give to end users to reduce the risk of 
infections? 
Activity 17-2 


Using Antivirus Software 


BEFORE YOU BEGIN 
Complete this activity using Hyper-V Manager and the PC1 (Windows 10) VM. 


SCENARIO 


Windows ships with an anti-malware product named Windows Defender. In this 
activity, you will evaluate the product and test that it detects some known threats. 


1. Start PC1 and view the Windows Defender Security Center. 


a) Start the PC1 VM and sign on using the account Admin and password Pa$$w0rd 
b) On the taskbar, in the notification area, select Show hidden icons and then select the 
Windows Defender icon. 
c) In the Account protection alert, select Dismiss. 


d) Select App & browser control, and observe the settings for SmartScreen. 




App & browser control settings. (Screenshot used with permission from Microsoft.) 


This enforces an execution control that prevents known malicious code from running. 
e) Scroll down and select Exploit protection settings. 

If malicious code is run by the user, it still has to find a way to exploit or compromise 
a target process in the OS, usually by manipulating the way the process uses system 
memory. The system settings shown here are processor features designed to make it 
harder for malicious code to do this. 


f) If necessary, select the Open Navigation icon or maximize the Windows Defender 
Security Center Settings window, and then select Device security. 
You can see from the Core isolation feature that the OS is aware that it is running as 
a VM. You should also see a Secure boot option enabled. This prevents unknown OSs 
from being installed to the device. The Standard hardware security not supported 
message indicates that no Trusted Platform Module (TPM) is present. 

g) In the Windows Defender Security Center Settings app, select Device performance 
& health. 
There should be no issues detected. Some systems will display a Fresh start option 
to reinstall Windows from here. 

h) In the Windows Defender Security Center Settings app, select Family options. 
This contains a link to a site where you can configure parental controls. 


2. View the options for the antivirus components of Windows Defender. 

a) In the Windows Defender Security Center Settings app, select Virus & threat 
protection. 
Although no status alerts are displayed, no scan has been run and no updates have 
been obtained. If over-reporting of alerts is one issue with security software, 
under-reporting can also represent a serious problem. To be fair, this VM setup with no 
Internet or server management is not typical of most deployments. Defender would 
display an alert if it could reach the Internet and discover that updates were available. 
You might notice an alert about updates after running a scan. 

b) Select the Scan Now button to start a scan. While the scan is running, review the 
other settings. 

c) Select Virus & threat protection settings. 
"Real-time protection" means that Defender is configured for on-access scanning. 

d) Select Manage Controlled folder access. 
While Windows folders are protected by default, you might enable this option to try to 
prevent crypto-malware from encrypting your profile folders. 

e) Select the Back button. Scroll down the Virus & threat protection settings page. 
Observe the Exclusions option. 
You would use this to prevent Defender scanning a particular folder or file. 

f) Select the Back button. Select Virus & threat protection updates. 
You can see the date of the last definition update here. 

g) Select the Back button. Check to see if the scan has finished. 


It should not detect any threats. 


3. Optionally, open the odysseus.iso disc image and view the Defender response. 


Note: Depending on the security policy in place in the training center, the 
odysseus.iso file might not be available for you to use. 


a) In the VM connection window, select Media→DVD Drive→Insert Disk. 


b) Browse to the C:\COMPTIA-LABS\LABFILES folder. Select odysseus.iso and select 
Open. 
c) Open File Explorer and browse to the This PC object. Double-click the DVD Drive 
icon. 

A User Account Control (UAC) warning is shown because a setup.exe process is trying 
to execute. The process' image file is unsigned (the publisher is listed as unknown). 


UAC warning that the publisher of the executable file cannot be verified. (Screenshot used 
with permission from Microsoft.) 

d) You would not normally proceed, but for this activity, select Yes. 

e) View the notifications generated by Windows Defender. You may need to select See 
full history under Quarantined threats. 


Full history entry: Virus:DOS/EICAR_Test_File, Severe, 11/21/2018 

Threats quarantined by Windows Defender. (Screenshot used with permission from 
Microsoft.) 


EICAR (eicar.org) is not actually a virus. It is a string that properly configured virus 
scanners should detect as a virus. 

f) In File Explorer, right-click the DVD Drive and select Scan with Windows Defender. 
The scan should discover an additional threat. Cain (oxid.it) is a well-known tool for 
sniffing and cracking passwords. 

g) In File Explorer, right-click the DVD Drive and select Open. 

There are some additional utilities that Windows Defender does not identify as 
threats but some security software might. ActualKeylogger (actualkeylogger.com) 
can record keystrokes and take screen captures covertly. Ncat is an implementation 
of the remote access tool Netcat (nmap.org/ncat). 

h) Right-click autorun.inf and select Open. 
This file sets the setup.exe process to run without an interactive window (using the 
/verysilent switch). Older versions of Windows might have allowed the file to run on 
insertion of the DVD, but autoplay settings and UAC prevent that from happening in 
Windows 10. 


4. Are you confident that Windows Defender blocked the Trojan completely? 
Optionally, investigate the VM to see if there are any other changes. Some things 
may only become apparent if you restart the VM. 


5. At the end of each activity, you need to close the VMs. You will always discard any 
changes you made. 


a) From the connection window, select Action→Revert. 
b) If prompted, select the Revert button to confirm. 
Topic B 


Troubleshoot Common Workstation 
Security Issues 


EXAM OBJECTIVES COVERED 
1002-2.2 Explain logical security concepts. 


1002-3.2 Given a scenario, troubleshoot and resolve PC security issues. 


As with many areas of computer support, your responsibility for computer security 
does not end as soon as the security measures are implemented. As with printing, 
networking, hardware, and software, it is your responsibility to your users and clients 
to ensure proper security functions on an ongoing basis as well as to correct security 
problems that might compromise your systems or prevent users from accessing the 
resources that they need. The information and skills in this topic should help you 
troubleshoot any security issues that arise and restore your organization's security 
functions. 


COMMON SYMPTOMS OF MALWARE INFECTION 


A virus's payload can be programmed to perform many different actions and there are, 
besides, many different types of malware. Consequently, there can be very many 
different symptoms of malware infection. 


PERFORMANCE SYMPTOMS 

When the computer is slow or "behaving oddly," one of the things you should suspect 
is malware infection. Some specific symptoms associated with malware include: 

* The computer fails to boot or experiences lock ups. 

* Unexpected or threatening messages or graphics appear on the screen. 

* Performance at startup or generally is very slow. 

* Network performance is slow or Internet connections are disrupted. 

Any sort of activity or configuration change that was not initiated by the user is a good 
reason to suspect malware infection. Of course, all these things can have other causes, 
too. If you identify these symptoms, run an antivirus scan. If this is negative but you 
cannot diagnose another cause, consider quarantining the system or at least putting it 
under close monitoring. 


Note: If a system is "under suspicion," do not allow users with administrative privileges 
to sign in to it, either locally or remotely. This reduces the risk that malware could 
compromise a privileged account. 


APPLICATION CRASHES AND SERVICE PROBLEMS 


One of the key indicators of malware infection is that security-related applications, 
such as antivirus, firewall, and Windows Update, stop working. You might also notice 
that applications or Windows tools (Notepad for instance) stop working or crash 
frequently. 


Software other than Windows is often equally attractive for malware writers as not all 
companies are diligent in terms of secure coding. Software that uses browser plug-ins 
is often targeted; examples include Adobe's Reader® software for PDFs and Flash® 
Player. If software from a reputable vendor starts crashing (faulting) repeatedly, 
suspect malware infection and apply the quarantining/monitoring procedures 
described earlier. 


FILE SYSTEM ERRORS AND ANOMALIES 


Another "red flag" for malware infection is changes to system files and/or file 
permissions. 


* The file system or individual files are corrupted or deleted. 

* Date stamps and file sizes of infected files change. 

* Permissions attributes of files change, resulting in "Access Denied" errors. 

* New executable files (EXEs and DLLs) appear in system folders. They may have file 
names that are very close to valid programs (notpad.exe). 


These sorts of issues are less likely to have other causes so you should quarantine the 
system and investigate it closely. 
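
The last symptom in the list, executables named to resemble genuine programs, can be checked mechanically. The following Python is an added example, not part of the course material: it compares a directory listing against a baseline of genuine names using an edit distance that also counts adjacent transpositions, so it covers more than the dropped-letter case (notpad.exe) the text mentions. The baseline list, the sample listing and the distance limits are assumptions for illustration.

```python
import os

EXECUTABLE_EXTS = {".exe", ".dll"}

# Assumed baseline: a short list of genuine Windows program names. In practice,
# build it from a known-clean image of the same OS build.
BASELINE = ["notepad.exe", "svchost.exe", "explorer.exe", "lsass.exe",
            "calc.exe", "services.exe", "winlogon.exe"]

# Constructed directory listing for the example.
SAMPLE_LISTING = ["notepad.exe", "notpad.exe", "svhcost.exe", "SVCHOST.EXE",
                  "calc.exe", "lsasss.exe", "readme.txt", "expl0rer.exe",
                  "mspaint.exe"]


def osa_distance(a, b):
    """Optimal string alignment distance.

    Counts insertions, deletions, substitutions and swaps of two adjacent
    characters, each as one edit.
    """
    prev2 = None
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1,          # delete from a
                       cur[j - 1] + 1,       # insert into a
                       prev[j - 1] + cost)   # substitute or match
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)   # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def find_lookalikes(listing, baseline=BASELINE):
    """Return (found_name, genuine_name, distance) for near-miss executables.

    Names that match the baseline exactly (case-insensitively, as on Windows)
    are genuine and skipped; so are files that are not EXEs or DLLs.
    """
    known = sorted({name.lower() for name in baseline})
    findings = []
    for name in listing:
        lower = name.lower()
        stem, ext = os.path.splitext(lower)
        if ext not in EXECUTABLE_EXTS or lower in known:
            continue
        # Assumed limits: short names tolerate one edit, longer names two,
        # which keeps unrelated short names from matching each other.
        limit = 1 if len(stem) < 8 else 2
        distance, nearest = min((osa_distance(lower, k), k) for k in known)
        if distance <= limit:
            findings.append((name, nearest, distance))
    return findings


if __name__ == "__main__":
    for found, genuine, distance in find_lookalikes(SAMPLE_LISTING):
        print(f"{found}: resembles {genuine} (distance {distance})")
```

A hit is a reason to quarantine and investigate, not proof of infection; an unknown name that resembles nothing in the baseline (mspaint.exe in the sample) is not reported and needs a separate allow-list check.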


EVENT VIEWER 

The system, application, and security logs may be of use in detecting malware that is 
attempting to remain concealed. You can inspect these log files using Event Viewer. 
High numbers of audit failures in the security log or unexpected Windows Installer 
events are the types of thing that warrant further investigation. The log will also list 
application and service crash events, which may reveal some sort of malware infection. 


WEB BROWSER SECURITY ISSUES 


Malware often targets the web browser. Remember that malware is not always 
destructive. Malware such as adware and spyware is designed with commercial or 
criminal intent rather than to vandalize the computer system. 


Common symptoms of infection by spyware or adware are pop-ups or additional 
toolbars, the home page or search provider changing suddenly, searches returning 
results that are different to other computers, slow performance, and excessive 
crashing (faults). Viruses and Trojans may spawn pop-ups without the user opening the 
browser. 


Note: The lines between useful utilities, adware, and spyware are not completely 
clear-cut, but if something is there that the user (or IT department) did not explicitly 
sanction, then it's best to get rid of it. 


Another symptom is redirection. This is where the user tries to open one page but 
gets sent to another. Often this may imitate the target page. In adware, this is just a 
blunt means of driving traffic through a site, but spyware may exploit it to capture 
authentication details. 


Note: If a user experiences redirection, check the HOSTS file for malicious entries. HOSTS 
is a legacy means of mapping domain names to IP addresses and is a popular target for 
malware. Also verify which DNS servers the client is configured to use. 


TROJANS, ROOTKITS, AND BOTNETS 


Malware that tries to compromise the PC will try to create a communications channel 
with its "handler." If the firewall is still working, you may see unfamiliar processes or 
ports trying to connect to the Internet. 


Note: Remember that the most powerful malware can disguise its presence. For example, 
the netstat utility shows ports open on the PC. A rootkit may replace netstat 
with a modified version that does not show the ports in use by the rootkit. 
One use of Trojans and rootkits is to scan other hosts for weaknesses and launch 
Denial of Service (DoS) attacks against networks. Most ISPs monitor the use of 
scanning tools and will warn you if they detect their use coming from your IP address. 


Note: Trojans and rootkits are likely to try to disguise their presence. New breeds of 
rootkit try to occupy firmware, for instance, so that not even disinfecting the file system 
or re-formatting the hard drive will remove them. Sometimes the only way to diagnose 
such infections is to examine network traffic from the infected PC from a different 
machine. 


VIRUS ALERT HOAXES AND ROGUE ANTIVIRUS 


Hoax virus alerts are quite common. They are often sent as mass emails as a prank. 
Most advise you to forward the "alert" to everyone in your address book. Some hoax 
virus alerts describe a number of steps that you "must take" to remove the virus— 
following these steps may cause damage to your computer. Use legitimate portals to 
research malware. 


Rogue antivirus is a particularly popular way to disguise a Trojan. In the early versions 
of this attack, a website would display a pop-up disguised as a normal Windows dialog 
box with a fake security alert, warning the user that viruses have been detected. As 
browsers and security software have moved to block this vector, cold calling vulnerable 
users claiming to represent Microsoft support has become a popular attack. 


DIGITAL CERTIFICATE ISSUES 


Websites and program code are very often made trustworthy by proving the site or 
code author's identity using a digital certificate. The certificate is a wrapper for the 
public key in a public/private key pair. The public key enables a client to read the 
certificate holder's signature, created using an encryption mechanism. As that 
signature could only have been made with the linked private key, and the private key 
should be known only to the holder, if the user trusts the certificate, then the user can 
trust the website or program code. 


The issue then is how the user is able to trust the certificate. Most certificates are 
issued and vouched for by a third-party called a Certificate Authority (CA). The CA 
adds its own signature to the site certificate. The user can validate the CA's signature, 
because the CA's root certificate is installed on the computer. 


Root certificates have to be trusted implicitly, so it would obviously be highly 
advantageous if a malicious user could install a bogus root certificate and become a 
trusted root CA. Installing a trusted root certificate usually requires administrative 
privileges. On a Windows PC, most root certificate updates are performed as part of 
Windows Update or installed by domain controllers or administrators as part of 
running Active Directory. There have been instances of stolen certificates and root 
certificates from CAs being exploited because of weaknesses in the key used in the 
certificate. 


When you browse a site using a certificate, the browser displays the information about 
the certificate in the address bar: 


* If the certificate is valid and trusted, a padlock icon is shown. Click the icon to view 
information about the certificate and the Certificate Authority guaranteeing it. 


Browsing a secure site: 1) Check the domain name as highlighted in the address bar; 2) Only enter 
confidential data into a site using a trusted certificate; 3) Click the padlock to view information 
about the certificate holder and the CA that issued it and optionally to view the certificate itself. 

* If the certificate is highly trusted, the address bar is colored green. High assurance 
certificates make the website owner go through an even more rigorous identity 
validation procedure. 

* If the certificate is untrusted or otherwise invalid, the address bar might show a 
color-coded alert and the site is blocked by a warning message. If you want to trust 
the site anyway, click through the warning. 




Untrusted certificate warning. (Screenshot used with permission from Microsoft.) 


Note: Digital certificates are also used to verify the identity of software publishers. If a 
certificate has not been issued by one of the trusted root CAs, Windows will warn you 
that the publisher cannot be verified when you try to install an add-on or other type of 
application. 


EMAIL ISSUES 


Spam is unsolicited email messages, the content of which is usually advertising 
pornography, miracle cures for various personal conditions, or bogus stock market tips 
and investments. Spam is also used to launch phishing attacks and spread viruses and 
worms. Spam needs to be filtered before it reaches the user's inbox. Most email 
applications now ship with junk mail filters or you can install a filter at the 
organization's mail gateway. These filters need to be kept up-to-date in order to 
protect against the latest spamming techniques. 
Note: Host-based spam filters are fine for home users but enterprise networks will 
usually deploy a mail gateway to filter spam and scan messages for malware before they 
reach the company's internal mail servers. 


If the filter tags a message as spam, it posts it to a "Junk" email folder and no 
notification is displayed to the user. The user can inspect the junk folder manually to 
retrieve any legitimate messages that have been blocked by accident (false positives). 


The main problem with email filtering is that it can block genuine messages too, 
leading to missed communications. Some filters may support detection levels so that 
where the scan is not certain the message is spam, it may hold it and send a blocked 
notification to the user's inbox. 

As well as detecting spam automatically, these tools allow the user to blacklist known 
spammer domains or to whitelist known safe senders. 

Email file attachments are frequently used as a vector for malware. As well as 
deploying filtering to detect such messages as spam, most A-V software can scan 
message attachments for malware before they can be opened. 

In addition to being a vector for infection, spam may be a symptom of malware 
infection. One of the main criminal uses of Trojans is to install spamming software on 
the "zombie" PC. The software starts sending out spam emails. The software may do 
this surreptitiously to avoid detection; that is, it does not try to send thousands of 
messages at a time, but a few messages every hour. Because the Trojan may have 
infected thousands or millions of PCs (a botnet), it is capable of delivering huge 
quantities of spam. 

If a computer's email is hijacked in this way, the user is likely to receive bounces, 
non-deliverable messages, automated replies from unknown recipients, or messages from 
users regarding the spam that has been sent. This does not always indicate malware 
infection, however; it could simply be that the spammer has spoofed the user's email 
address. If the volume is large, they may receive complaints from other networks and 
from their ISP. You can use various websites—mxtoolbox.com is one example—to 
check whether your organization's public IP address appears on any blacklist. 


GUIDELINES FOR TROUBLESHOOTING COMMON 
WORKSTATION SECURITY ISSUES 


Consider the following guidelines when troubleshooting common workstation security 
issues. 


TROUBLESHOOT COMMON WORKSTATION SECURITY ISSUES 
Follow these guidelines for troubleshooting common workstation security issues: 
* Symptoms of malware infection might include: 
  * Performance issues such as failure to boot, lock ups, slow performance, or 
    strange messages or images on screen. 
  * Frequent application crashes and service problems. 
  * Changes to system files or changes to file permissions. 
  * Event log entries showing a high number of audit failures or application and 
    service crash events. 
* Web browsers are frequent targets for malware delivery. 
  * May be adware or spyware. 
  * Might redirect users to a site that imitates the site the user attempted to access. 
* As compromised PC attempts to communicate with handler, unfamiliar 
  processes or ports show up in firewall log files. 
* Hoax virus alerts requesting users to forward the message, or messages 
  including steps to remove the virus with the steps doing the actual damage. 
* Rogue antivirus disguises Trojans. 
* Check for compromised CAs. 
* Verify the padlock icon is shown in browsers for secure sites and that the address 
  bar is not maroon, which would indicate an untrusted, insecure site. 
* Check the Junk email folder to ensure legitimate emails are not improperly flagged. 
* Make sure users understand the potential issues in running email file attachments. 
Activity 17-3 


Discussing Troubleshooting Common 
Workstation Security Issues 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Early in the day, a user called the help desk saying that his computer is running 
slowly and freezing up. Shortly after this user called, other help desk technicians 
who overheard your call also received calls from users who report similar 
symptoms. 


Is this likely to be a malware infection? If so, what type of malware would 
you suspect? 


2. Why might a PC infected with malware display no obvious symptoms? 


3. You receive a support call from a user who is "stuck" on a web page. She is trying 
to use the Back button to return to her search results, but the page just displays 
again with a pop-up message. 


Is her computer infected with malware? 


4. Another user calls to say he is trying to sign on to his online banking service, but 
the browser reports that the certificate is invalid. 


Should the bank update its certificate, or do you suspect another cause? 
5. Your company's static IP address has been placed on a number of anti-spam
blacklists.


Could this be the result of external fraud or do you need to investigate your 
internal systems for malware? 
Activity 17-4


Identifying Security Protection Methods


SCENARIO 


The IT department security team has invited members from various departments, 
including PC Support, HR, Marketing, and Software Development, to join them in 
reviewing and updating the security documents for the organization. You were 
selected to represent the PC Support team on the committee. 


You received an email outlining the topics for the next meeting. You want to write 
down some ideas you think are important to include, and write down your justification 
for including the items. Be sure to take into consideration everything you have learned 
so far about security. 


1. Fill in the table with the information you feel is important to discuss during a 
meeting about security protection methods. 


Item | Details to Discuss | Justification
--- | --- | ---
Physical security | |
Digital security | |
Anti-malware software | |
Firewalls | |
Strong passwords | |
Email filtering | |

2. Share your table with the class. See which items you all included and if there are 
important items you should have included. 
Summary


In this lesson, you performed troubleshooting on workstation security issues such as 
malware, web browser and digital certificate issues, and email issues. In your role as an 
A+ technician, you will be advising and supporting users in multiple areas surrounding 
computing devices, so using the guidelines and procedures provided in this lesson will 
enable you to provide the required level of support to users. 


Which best practice for minimizing the effect of malware do you think is most 
important? 


How might you recognize a possible spyware or adware infection on a
workstation?


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 
Lesson 18


Implementing Operational Procedures 


LESSON INTRODUCTION 


As a CompTIA® A+® technician, you will be asked to install, configure, maintain, and correct
problems with a variety of computer components and software. You will usually be performing this 
work within the context of a company's operational procedures. You have already explored 
procedures governing safe working practices, regulated data and content, incident response, and 
ways of using remote access to handle problems more efficiently. 


Other types of operational procedures are designed to ensure the secure and efficient functioning 
of the IT system. Companies need documentation and change management procedures to keep 
the use of systems under control, potentially using scripting to ensure standardized configuration 
changes. They need plans to cope with disasters so that data loss and system downtime is 
minimized. They need to ensure the physical environment is optimized and does not present any 
health hazards. This lesson will help you to identify the technologies that underpin these important 
procedures. 


LESSON OBJECTIVES 


In this lesson, you will: 

* Describe environmental impacts and controls.
* Create and maintain documentation.
* Use change management best practices.
* Implement disaster prevention and recovery methods.
* Describe basic scripting concepts.
* Use proper communication techniques and general professional attitude.
Topic A


Environmental Impacts and Controls 


EXAM OBJECTIVES COVERED 
1002-4.3 Given a scenario, implement basic disaster prevention and recovery methods.


1002-4.5 Explain environmental impacts and appropriate controls. 


While you explored personal safety previously, there is also the issue of environmental 
impacts on computer systems to consider. Computers need stable power supplies and 
are sensitive to excessive heat. As a CompTIA A+ technician, you must understand the 
use of controls to ensure the proper environmental conditions for IT systems. 


POWER ISSUES 


Environmental power problems such as surges, brownouts, and blackouts are 
caused by failures in the building power supply, rather than failures in the computer's 
power supply unit, AC adapter, or battery pack. 


SURGES 


A surge is an abrupt but brief change in the value of the voltage. It can last from a few 
billionths of a second (a transient) to a few thousandths of a second. A spike is a 
powerful surge, such as that caused by a lightning storm. A surge or spike can be 
caused by high power devices, such as machinery, being turned on or off. Many surges 
are very small and of too short a duration to cause problems, but some can take the 
supply several hundred volts over its normal value and cause sufficient interference to 
a computer's power supply to crash, reboot, or even damage it. 


SAGS/BROWNOUTS 


Some electrically powered devices require very high starting, or inrush, current. These 
include items with large motors, such as lifts, washing machines, or power tools, and 
transformers. When this kind of device is turned on, the large current surge into the 
device may cause the available voltage within the locality to dip for a brief period, 
causing a sag. Sags may also be caused by the switching of power distribution circuits 
by the generating companies. A power sag may only last for a few milliseconds but 
sags of longer than about 10 to 20 milliseconds can cause computer equipment to 
malfunction. If a sag lasts for longer than a second, it is often called a brownout. 
Overloaded or faulty building power distribution circuits sometimes cause brownouts. 


BLACKOUTS 

A complete power failure is called a blackout. A blackout may be caused by a 
disruption to the power distribution grid—an equipment failure or the accidental 
cutting of a cable during construction work, for example—or may simply happen 
because a fuse has blown or a circuit breaker has tripped. 


POWER PROTECTION CONTROLS 


Computing devices of all types, including client systems, network appliances, and
servers, require a stable power supply to operate. Electrical events such as voltage
spikes or surges can crash computers and network appliances, while loss of power
from brownouts or blackouts will cause equipment to fail. A range of power protection
devices is available to mitigate these issues.


SURGE PROTECTOR 


Passive protection devices can be used to filter out the effects of spikes and surges. 
The simplest surge protector or suppression devices come in the form of adapters, 
trailing sockets, or filter plugs, with the protection circuitry built into the unit. These 
devices offer low-cost protection to one or two pieces of equipment. Surge protectors 
are rated according to various national and international standards, including 
Underwriters Laboratory (UL) 1449. There are three important characteristics: 


* Clamping voltage—defines the level at which the protection circuitry will activate, 
with lower voltages (400 V or 300 V) offering better protection. 

* Joules rating—the amount of energy the surge protector can absorb, with 600 
joules or more offering better protection. Each surge event will degrade the 
capability of the suppressor. 

* Amperage—the maximum current that can be carried, or basically the number of
devices you can attach. As a general rule of thumb, you should only use 80% of the 
rated capacity. For example, the devices connected to a 15 A protector should be 
drawing no more than 12 A. Of course, for domestic wiring, you should take care 
not to overload the building's power circuits in any case. 


LINE CONDITIONERS 


Larger industrial power filter units called line conditioners or Power Distribution 
Units (PDUs) can be used to protect entire power circuits from the effects of surges or 
brownouts, but they are unable to remove or reduce the effects of blackouts. 


BATTERY BACKUPS AND UPS 


Power redundancy means deploying systems to ensure that equipment is protected 
against blackout events so that both system and network operations can either 
continue uninterrupted or be recovered quickly. If there is loss of power, system 
operation can be sustained for a few minutes or hours, depending on load, by using 
battery backup. Battery backup can be provisioned at the component level for disk 
drives, RAID arrays, and memory modules. The battery protects any read or write 
operations cached at the time of power loss. 


At the system level, an Uninterruptible Power Supply (UPS) will provide a temporary 
power source in the event of complete power loss. The time allowed by a UPS is 
sufficient to activate an alternative power source, such as a standby generator. If there 
is no alternative power source, a UPS will at least allow you to shut down the server or 
appliance properly. Users can save files and the operating system can complete the 
proper shutdown routines. 
Example of a UPS. (Image by magraphics© 123RF.com.)


UPS SIZING 


In its simplest form, a UPS comprises a bank of batteries and their charging circuit, plus 
an inverter to generate AC voltage from the DC voltage supplied by the batteries. The 
capacity of the battery cells determines the amount of run-time a UPS can supply to 
any given load. This may range from a few minutes for a desktop-rated model to hours 
for an enterprise system. The power supplies in the computer equipment are 
connected to the ports on the UPS, then the UPS is connected to building power. There 
may also be a USB connection to facilitate monitoring and automated shutdown. 


Factors to consider when purchasing a UPS include reliability, cost, uptime, 
maintenance, and system performance and features. Different UPS models support 
different power outputs and form factors, such as desktop or rack mounted, 
depending upon your needs. Determining an appropriate UPS to protect the load from 
a given system is called UPS sizing. 


The maximum power rating (and hence cost) of a UPS is determined by the battery 
specification and the power handling of the inverter and other circuitry. Each UPS is 
rated according to the maximum VA (power) it can supply without overloading. 
[Figure: UPS vendor selector form, system description step (computer type, monitor type, processor, drives, site voltage, plug type, external peripherals).]


Choosing the UPS—defining the computer and peripherals.


To calculate the required VA rating for a UPS, simply add up the VA ratings of all the 
equipment to be connected to the unit. These may be calculated by taking the number 
of watts used by each device and multiplying by 1.67. 


Note: The 1.67 conversion factor is required because the power drawn by a component
in a DC circuit is not the same as the power required from the AC circuit. This is caused by
the operation of the capacitors in the PC power supply unit.


Most UPS vendor websites have a configuration wizard, which you can complete to
determine the power output you require and the UPS models that would suit.
You can also specify the maximum duration of battery power (10 minutes, for
instance), which enables you to determine how much charge the unit must be able to
hold to supply your needs.
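The VA sizing rule above and the 80% amperage guideline for surge protectors, worked through as an added example (not part of the original course text). The device figures, the 30% expansion allowance, and the UPS model names and ratings are constructed assumptions.

```python
"""Power-protection worksheet: surge protector loading and UPS VA sizing.

Added example. All device figures and the UPS catalog are constructed.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, Optional

WATTS_TO_VA = 1.67          # conversion factor stated in the text
PROTECTOR_DERATING = 0.80   # use only 80% of a surge protector's rated amperage


@dataclass(frozen=True)
class Load:
    """One device to be connected to the UPS."""
    name: str
    watts: Optional[float] = None  # power draw in watts, if that is all you know
    va: Optional[float] = None     # vendor-stated VA rating, used when present

    def required_va(self) -> float:
        """Return the VA this device needs, converting from watts if necessary."""
        if self.va is not None:
            if self.va <= 0:
                raise ValueError(f"{self.name}: VA rating must be positive")
            return self.va
        if self.watts is not None and self.watts > 0:
            return self.watts * WATTS_TO_VA
        # A device with no rating cannot be sized; fail loudly rather than guess.
        raise ValueError(f"{self.name}: no usable VA or watt rating")


def required_ups_va(loads: Iterable[Load], headroom: float = 0.0) -> float:
    """Sum the VA of every load, then add a fractional allowance for expansion."""
    loads = list(loads)
    if not loads:
        raise ValueError("no loads to size")
    if headroom < 0:
        raise ValueError("headroom cannot be negative")
    return sum(load.required_va() for load in loads) * (1 + headroom)


def pick_ups(required_va: float, catalog: Dict[str, float]) -> Optional[str]:
    """Return the smallest model whose VA rating covers the requirement.

    Returns None when no single model is large enough, so the caller can
    split the load across units instead of overloading one.
    """
    fits = [(rating, model) for model, rating in catalog.items()
            if rating >= required_va]
    return min(fits)[1] if fits else None


def protector_within_limit(device_amps: Iterable[float], rated_amps: float) -> bool:
    """Apply the 80% rule: total draw must not exceed 80% of the rated amperage."""
    return sum(device_amps) <= rated_amps * PROTECTOR_DERATING + 1e-9


# Constructed sample data (hypothetical devices and UPS models).
SAMPLE_LOADS = [
    Load("Desktop PC", watts=350),
    Load("LCD monitor", watts=40),
    Load("Router", va=30),
]
SAMPLE_CATALOG = {"Model-600": 600, "Model-1000": 1000, "Model-1500": 1500}

if __name__ == "__main__":
    need = required_ups_va(SAMPLE_LOADS, headroom=0.30)
    print(f"Required rating with 30% headroom: {need:.2f} VA")
    print("Smallest suitable model:", pick_ups(need, SAMPLE_CATALOG))
    print("12 A on a 15 A protector OK?", protector_within_limit([6, 4, 2], 15))
    print("13 A on a 15 A protector OK?", protector_within_limit([6, 4, 3], 15))
```
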


[Figure: UPS selector form, step 2, user preferences (extra power for future expansion, desired run time during power fail, rack-mountable UPS, redundant solution, user site voltage).]


Defining the power requirements.
ENVIRONMENTAL IMPACTS


The environment in which computer equipment is kept can affect its proper operation 
and lifespan. All electronic equipment should be kept away from extremes of 
temperature and damp or dusty conditions. Regular inspection and cleaning of a PC's 
components and inspection of its surroundings may increase the Mean Time Between 
Failure (MTBF) of many components. 


DUST AND DEBRIS 


Dust (airborne particles) is drawn into the computer via ventilation holes. Over time, 
the dust can form a thick layer over components and ventilation slots, preventing 
effective heat dissipation. It can clog up peripherals such as keyboards and mice. Dust 
and smears can make the display hard to read. 


Dust can be controlled by cleaning, but you can also deploy controls to ensure that the 
surrounding environment is clean. Many buildings have environmental control systems 
with filters that can reduce the amount of dust in the air. 


The PC chassis may be designed to protect internal components from airborne 
particles. For example, fan inlets can be protected by air or dust filters. These 
polyester sheets trap dust on their surface. If using filters, make sure they are cleaned 
or replaced periodically or they will clog up and prevent air circulating in the PC. 


If the environment is particularly dusty, the whole PC can be placed within an 
enclosure with its own air filters and fans. 


TEMPERATURE, HUMIDITY, AND VENTILATION 


Excessive heat can make a computer unreliable. Computers generate plenty of heat 
just by running. Obviously a personal computer will be situated in an environment 
where the temperature is comfortable for humans (around 20°C/68°F). Do check the 
precise location of the PC though—direct sunlight or proximity to a radiator can cause 
heat to build up too easily. You must ensure that there is space for air to flow around 
the case, especially around the ventilation slots. 


High humidity—the amount of water vapor in the air—can cause condensation to 
form. On the other hand, low humidity allows static charges to build up more easily 
and increases the risk of Electrostatic Discharge (ESD). The ideal level is around 50%. 


Condensation can form as a result of sudden warming. When installing new equipment 
that has just been delivered, it is important to leave it in its packaging for a few hours— 
depending on the outside temperature—to allow it to adjust to room temperature 
gradually. 


A Heating, Ventilation, Air Conditioning (HVAC) system ensures adequate cooling 
and humidity and dust control within a room or other enclosed space. All air flow into 
and out of the room is run through ducts, fans, and filters and warmed or cooled to 
the correct temperature and humidity. 


GENERAL PREVENTIVE MAINTENANCE 


Regular maintenance can increase the lifespan of equipment, but can also be time- 
consuming. You may want to consider providing cleaning materials and procedures to 
users and training them to perform these tasks themselves. To ensure that these tasks 
are performed regularly, you can also provide them with a schedule as suggested in 
the following table. 
Frequency / Checks

Daily
* Check that nothing is obstructing the ventilation slots of the system unit.
* Check that the equipment is installed securely—for example, not positioned near
  desk edges, no cable trip hazards, no overloaded power points, no damaged
  cabling, and so on.
* Also ensure that there are no liquid hazards (chance of spills).

Weekly
* Clean the exterior of the monitor and system unit.
* Clean the keyboard and mouse.

Monthly
* Check that fans are functioning correctly.
* Check that all cables are correctly seated and secured to the system unit and
  peripherals.


It is important to control the build-up of dust (and clean up spills), but it is also 
important not to use household cleaning products for PC maintenance. Do not blow 
away dust with your mouth, as moisture may land on electronic components! 


Note: Always power off the computer and disconnect any devices before cleaning them.


MASK AND GLOVES 


A mask that fits over your mouth and nose should be worn when you are using a 
compressed air canister, working around toner spills, or working in an otherwise dusty 
environment. A mask minimizes the risk of inhaling damaging airborne particles. You 
should also wear latex gloves when cleaning up a toner spill. 


COMPRESSED AIR 


Use a compressed air blaster to dislodge dust from difficult to reach areas. Take care 
with use, however, as you risk contaminating the environment with dust. Ideally, 
perform this sort of maintenance within a controlled work area and wear an 
appropriate air filter mask. Also consider wearing safety goggles to minimize the risk of 
irritating your eyes with dust. 


Note: Do not use compressed air blasters to clean up a toner spill or a laser printer
within an office-type area. You will blow fine toner dust into the atmosphere and create a
health hazard.


Use caution when working with compressed air. Read the instructions on the can and 
follow them carefully. Tipping the can too much can cause the propellant to leave the 
can in liquid form and at sub-freezing temperatures. The freezing could easily damage 
components, particularly those that may still be hot from use. There is also the issue of 
the corrosiveness of the chemical damaging components later on. Also, some delicate 
components on the motherboard can be damaged—literally blown off the board—if 
compressed air is used too close to a component. 


VACUUMS 


Use a PC vacuum cleaner or natural bristle brush to remove dust from inside the 
system unit, especially from the motherboard, adapter cards, and fan assemblies. 
Home appliances should not be used, as they can produce high levels of static 
electricity. PC-safe vacuums can often be used to blow air as well as for suction, so they 
can replace the need for compressed air canisters for blowing dust out of machines. 
Sucking the dust up is usually better, though, since blowing the dust can cause it to get
onto or into other components.


Note: A PC vacuum can be used to deal with toner spills if the filter and bag are fine
enough to contain toner particles. Such vacuums should be labeled "toner safe." Ideally,
move the printer to a maintenance room with filters to contain airborne particles.
Alternatively, a toner cloth is a special cloth that you stretch to pick up toner particles
that are either in the printer or around the printer. Be careful if you are using it inside the
printer so that the cloth does not get caught on any components and leave fibers behind.


PERIPHERAL DEVICE AND LAPTOP MAINTENANCE 


Peripheral and mobile devices receive the most wear and tear and require the most 
regular cleaning to keep them working properly. 


There are several types of wipes and cloths that you can use to clean displays, 
keyboards, and other equipment. These use an appropriate cleaning solution for the 
type of plastic or surface coating that you are cleaning. They should also be non- 
abrasive and lint-free so that cleaning does not cause scratches or leave behind stray 
fibers. 


MOUSE 


Mice suffer from build-up of grease and dust around the buttons and scroll wheel and 
need regular cleaning. To ensure that the mouse functions correctly, you should use it 
on a clean, flat surface, such as that provided by a proper mouse mat. 


KEYBOARD 


Ensure that keyboards are not used in an environment where food and beverages are 
present, as spillage of these substances can cause the keyboard to malfunction and 
make it difficult to clean. You can use a compressed air canister, PC vacuum cleaner, or 
natural bristle brush to clean debris from a keyboard then wipe down the surfaces 
with a lint-free cloth and approved cleaner. Tightly wound cotton swabs or toothpicks 
are useful when trying to get dust and debris out from between keys and around 
buttons or other tight areas. 


DISPLAY 


The display screen should be kept clean and free of smears to avoid eyestrain when 
using the computer for prolonged periods. If the screen requires more than dusting, 
use an approved display screen cleaner, spraying the cleaner onto the cloth or pad, not 
onto the screen. You can also obtain pre-moistened wipes. You must use approved 
cleaning products and a non-abrasive cloth to avoid damaging the screen's anti-glare 
coating. The products are also formulated to provide anti-static protection against 
further dust buildup. When cleaning the screen, wipe horizontally across the screen 
and then vertically. Do not forget to clean into the screen corners. 


LAPTOP MAINTENANCE ISSUES 


Laptops are typically used in dirtier environments than desktops. Despite the name, it 
is important to encourage users to put the laptop on a firm, flat surface during use, to 
allow the cooling fan and vent on the bottom to work properly. These vents should be 
cleaned regularly using a PC-approved vacuum cleaner or compressed air. For actual 
"laptop" use, it is best to provide a chiller pad or mat to provide air flow and (with 
active chiller pads) extra USB-powered fans for cooling. 


Compressed air can also be used to clean the keyboard. The screen, touchpad, and 
case can be cleaned using a soft cloth and approved cleaning solution. 
DISPOSAL, RECYCLING, AND COMPLIANCE


Even with procedures in place to properly maintain IT equipment, eventually it will 
need to be decommissioned and either disposed of or recycled. IT equipment contains 
numerous components and materials that can cause environmental damage if they 
are disposed of as ordinary refuse. 


COMPLIANCE AND GOVERNMENTAL REGULATIONS 


In the United States and many other nations, your employer is obligated to comply 
with governmental regulations that apply to its specific business. The most common 
regulations are those issued by the federal government, such as the Occupational 
Safety and Health Administration (OSHA), and state standards regarding employee 
safety. OSHA-compliant employers must provide: 


* A workplace that is free from recognized hazards that could cause serious physical
harm.

* Personal protective equipment designed to protect employees from certain 
hazards. 

* Communication—in the form of labeling, Material Safety Data Sheets (MSDSs), and 
training about hazardous materials. 


Your responsibility—to yourself, your employer, your coworkers, and your customers— 
is to be informed of potential hazards and to always use safe practices. 


Protection of the environment is another area that is regulated by the federal and local 
governments in the United States and many other nations. Many municipalities have 
regulations that control the disposal of certain types of computer equipment. Your 
responsibility is to be aware of any environmental controls that are applicable to your 
workplace, and to be in compliance with those regulations. 


Materials safety and environmental legislation require that environmental hazards be 
disposed of correctly. In the US, environmental matters are the responsibility of the 
Environmental Protection Agency (EPA). 


MSDS DOCUMENTATION 

Employers are obliged to assess the risk to their workforce from hazardous substances 
at work and to take steps to eliminate or control that risk. No work with hazardous 
substances should take place unless an assessment has been made. Employees are 
within their rights to refuse to work with hazardous substances that have not been 
assessed. 


Suppliers of chemicals are required to identify the hazards associated with the 
substances they supply. Some hazard information will be provided on labels, but the 
supplier must also provide more detailed information on a Material Safety Data 
Sheet (MSDS). 

An MSDS will contain information about: 


* Ingredients.
* Health hazards, precautions, and first aid information.
* What to do if the material is spilled or leaks.
* How to recycle any waste product or dispose of it safely.

You may need to refer to an MSDS in the course of handling monitors, power supplies, 
batteries, laser printer toner, and cleaning products. If handling devices that are 
broken or leaking, use appropriate protective gear, such as gloves, safety goggles, and 
an air filter mask. 
[Figure: first page of a safety data sheet, showing the Section 1 identification fields (product name, product code, product type, product use).]


An example of MSDS documentation.
Activity 18-1


Discussing Environmental Impacts and Controls


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What are the principal characteristics of a surge protector? 


2. When you are sizing the load for a UPS, how would you calculate the power 
used by a PC component? 


3. Why should you never use a home vacuum cleaner to clean a PC?


4. What are the principal environmental hazards to consider when installing
PC equipment?


5. When might you need to consult MSDS documentation? 
Topic B


Create and Maintain Documentation 


EXAM OBJECTIVES COVERED 
1002-4.1 Compare and contrast best practices associated with types of documentation.


There are many reasons for creating and maintaining documentation. A big reason is 
so that in case of a disaster, you already have critical documentation in place that will 
help you rebuild as quickly as possible. Without detailed documentation, you would 
have to rely on memory to determine your network layout, which would likely be very 
time consuming, costly, and ultimately inaccurate. A complete set of configuration 
documentation will give you a solid base from which you can begin rebuilding 
individual workstations, servers, and your network. 


You should also document organizational policies. By identifying common 
organizational policies and procedures that deal with computer use, you will be more 
capable of dealing with compliance issues as they arise and protecting organizational 
resources. 


EQUIPMENT INVENTORY 


It is crucial for an organization to have a well-documented inventory of its tangible and 
intangible assets and resources. This should include all hardware that is currently 
deployed as well as spare systems and components kept on hand in case of 
component or system failure. In terms of network management, these will include 
network appliances (routers, switches, threat management devices, access points), 
servers, workstations, and passive network infrastructure (cabling and cross-connects). 


There are many software suites and associated hardware solutions available for 
tracking and managing assets (or inventory). An asset management database can be 
configured to store as much or as little information as is deemed necessary, though 
typical data would be type, model, serial number, asset ID, location, user(s), value, and 
service information. Tangible assets can be identified using a barcode label or Radio 
Frequency ID (RFID) tag attached to the device (or more simply using an identification 
number). An RFID tag is a chip programmed with asset data. When in range of a 
scanner, the chip powers up and signals the scanner. The scanner alerts management 
software to update the device's location. As well as asset tracking, this allows the 
management software to track the location of the device, making theft more difficult. 


For each asset record there should also be a copy of or link to the appropriate vendor 
documentation. This would include both an invoice and warranty/support contract and 
support and troubleshooting guidance. 


IT asset management is the set of management policies that include information 
about the financial and contractual specifications of all the hardware and software 
components present in an organization's inventory. Some organizations have exclusive 
asset management for hardware and software components. As part of inventory 
management, use the system life cycle to determine whether the items in the 
inventory need to be retired or replaced. Use proper asset disposal methods when 
removing assets from inventory. Critical hardware and software inventory provides 
insurance documentation and helps determine what you need to rebuild the network. 
Inventory Entry | Hardware/Software | Information to Include
--- | --- | ---
Standard workstation | Hardware | A basic description of a standard client workstation. Include minimum requirements and the installed operating system as well as how many workstations of this type are deployed. For workstations that deviate from the norm, be sure to document the deviations.
Specialty workstation | Hardware | A description of any specialty workstations deployed. Include a brief description of their roles and special configurations implemented on them.
Server | Hardware | A list of the basic server hardware configuration and the role of these servers. List their internal hardware and any special configuration settings and software. Include a configuration list for the operating system.
Connectivity hardware | Hardware | A list of all connectivity hardware in as much detail as possible. This includes the device brand and model numbers, but a description of each feature ensures that replacements can be made without research.
Backup hardware | Hardware | Document critical information about backup hardware, such as the vendor and model number of a tape drive, backup hard drives, DVD drives, and network attached storage, if applicable.
Operating system software | Software | All operating system software, including desktop and server operating systems. Include documentation on licensing and copies of the bulk licenses, if possible. Many vendors retain records of software licenses sold to their customers. If this is the case, include this fact in your documentation.
Productivity and application software | Software | Off-the-shelf productivity software, including any applications installed on client devices and servers.
Maintenance utilities | Software | The utilities used to maintain a network, especially backup software and software configuration.
Backup documentation | Software | Records of when backups were made, how frequently to make them, what backups contain, where backups are stored, and credentials needed to restore backups. Document the backup software and version. Special setup and configuration considerations need to be documented, too.
Overall asset inventory | Software | If your company maintains an overall asset inventory, attach a copy. Many companies use the inventory as a base to track hardware and maintenance. This usually includes most of the information needed.


NETWORK TOPOLOGY DIAGRAMS 


Diagrams are the best way to capture the complex relationships between network 
elements. They are also the most effective means of locating particular items within 
the network. Diagrams can be used to model physical and logical relationships at 
different levels of scale and detail. These relationships are described as the network
topology.


SCHEMATIC BLOCK DIAGRAM 


A schematic is a simplified representation of the network topology. In terms of the 
physical network topology, it can show the general placement of equipment and 
telecommunications rooms plus device and port IDs without trying to capture the 
exact position or relative size of any one element. Schematics can also be used to 
represent the logical structure of the network in terms of security zones, VLANs, and 
subnets. 


Schematics can either be drawn manually using a tool such as Microsoft® Visio® or 
compiled automatically from network mapping software. 
Use a tool such as Visio to create network diagrams.


REFERENCE DOCUMENTATION 


There are several types of documentation and resources that you might find helpful 
when you are dealing with common hardware and operating system problems. You 
can also share documentation and resources with users as a means of assisting and 
educating them. 
Resource: Description

* User/installation manuals: User and installation manuals can provide you with
basic guidance for installing, configuring, and troubleshooting hardware and
software. By providing users with various user and installation manuals, users
can fix minor issues and problems before requesting additional assistance from a
technician. Examples include installing company-specific applications, installing
network printers, and mapping drives.
* Internet/web-based resources: Internet and web-based resources can provide a
wealth of information on installing, configuring, and troubleshooting hardware
and software. Many hardware and software manufacturers maintain knowledge bases
(KBs) and wikis to share information about both common and unusual issues that
can arise with PC hardware and software. Articles written by industry leaders, by
support professionals, and by vendors can be a good source of information. Be
sure to take into consideration who wrote the article and any verifiable
credentials so you can determine the legitimacy of the article content. Internet
and web-based materials can also provide users with quick reference materials for
dealing with everyday issues on their own. Some organizations provide a web page
or wiki with user-specific information and reference materials.
* Training materials: Most major hardware and software manufacturers provide
training materials on how to install and use their products. These materials can
be helpful for both new and experienced technicians. You can provide training
materials for various tasks that users may need to complete on their own, such as
virus scans, computer maintenance tasks, and PC clean-up tasks. By providing
training materials, you empower users to be proactive in maintaining their
systems.


INCIDENT DOCUMENTATION 


A piece of software that can be considered part of your support toolkit is a tracking 
database where incidents that occur can be documented. There are different kinds of 
incidents, with different reporting requirements. One type of incident is for 
troubleshooting or support requests. Each support incident will be logged as a job or 
ticket within the incident management system. The following information will form the 
core of a job ticket: 


Information: Notes

* Job ID: Job IDs are often referred to as tickets.
* Contact: Name, organization, department, email address, telephone number. In a
database, the job could be linked to a contact record.
* Priority: Assessed from caller's description and customer's service level.
* Problem description: Including information about platform (hardware, OS,
application [including version and update number]), and what the user was doing.
* Asset: Hardware component or software application associated with the problem,
linked to an asset management database.
* Details: What was attempted during the first contact.
* Follow up: Date and description of follow up actions.
* Dates: Dates when the ticket was opened, updated, and closed.


Security incident reporting needs to capture some of the same information but will 
normally be handled by a dedicated security response team. Reports of actual or 
suspected security policy violations will initially be processed by a first responder. The 
report will log the location and time of the incident plus systems affected and the 
actors and methods used to perform the intrusion. It is important to identify whether 
any data breach has occurred and what sort of notification must be made for 
regulatory or compliance purposes. The contents of security incident reports must be 
kept confidential and access granted on a need-to-know basis only. 


Rudison Technologies Office Use Only 


Actions taken 


Computer Safety Incident Report 


Fill out as completely as possible 


1. Nature of incident 

2. Location of incident 

3. Time of incident 

4. Date of incident 

5. Your name, position, and phone number 

6. Date and time this report was filed 

7. Was there any injury? Place an "X" after one - Yes __ or No __ - and elaborate in description below.

8. Is there an ongoing hazard? Place an "X" after one - Yes __ or No __ - and elaborate in description below.


Names, addresses, phone numbers, and IDs of individuals involved.
Please identify as complainant(s), perpe


Sequence or Description of Events. Be concise yet thorough. 


Sample incident report. 


Accidents represent another type of incident reporting requirement. An accident is 
any instance where a person is injured or computer equipment is damaged due to 
environmental issues. The report is also used for accidents involving hazardous 
materials, such as chemical spills, that could have an impact on the environment. Any 
time an accident occurs at a work site, you should submit an incident report. Reporting 
these occurrences is often part of company policy and can help provide protection
against liability.


Incident documentation might use a simple spreadsheet or database, or it might be a 
complex help desk management tracking application; it all depends on the needs of 
your organization. Incident management includes the practices and procedures that 
govern how an organization will respond to an incident in progress. 


ORGANIZATIONAL POLICIES 


As a vital component of a company's IT infrastructure, employees must understand 
how to use computers and networked services securely and safely and be aware of 
their responsibilities. To support this, the organization needs to create written policies 
and procedures to help staff understand and fulfill their responsibilities and follow
best practice.


STANDARDS, PROCEDURES, AND GUIDANCE 


A policy is an overall statement of intent. In order to establish the correct working 
practices, three different mechanisms can be put in place. 


Policy Type: Description

* Standard: A standard is a measure by which to evaluate compliance with the
policy.
* Procedure: A procedure, often referred to as a Standard Operating Procedure
(SOP), is an inflexible, step-by-step listing of the actions that must be
completed for any given task. Most critical tasks should be governed by SOPs.
* Guidelines: Guidelines exist for areas of policy where there are no procedures,
either because the situation has not been fully assessed or because the decision
making process is too complex and subject to variables to be able to capture it
in a procedure. Guidelines may also describe circumstances where it is
appropriate to deviate from a specified procedure.


POLICY ENFORCEMENT 


It is not enough to just have standards and policies. Your organization and its
employees and contractors need to adhere to them as well. Employees and
contractors must read the standards and policies and understand that they need
to follow them. The organization itself must also follow the standards and
policies, regardless of who is acting on the organization's behalf. In addition,
the organization may be subject to regulatory compliance requirements and to
additional laws, regulations, guidelines, and specifications relevant to its
business. Violations of regulatory compliance regulations often result in legal
punishment, including federal fines.


PERSONNEL MANAGEMENT POLICIES 

Human Resources (HR) is the department tasked with recruiting and managing the 
organization's most valuable and critical resource: people. Personnel management 
policies can be conceived as applying in three phases. 
Phase: Description

* Recruitment or hiring: Recruitment involves locating then selecting and hiring
people to work in particular job roles. Security issues here include screening
candidates and performing background checks.
* Operation or working: It is often the HR department that manages the
communication of policy and training to employees, though there may be a separate
training and personal development department within larger organizations. As
such, it is critical that HR managers devise training programs that communicate
the importance of security to employees.
* Termination or separation: Whether an employee leaves voluntarily or
involuntarily, termination is a difficult process, with numerous security
implications. An employee might be fired, retired, or simply be moving on to
another job at another organization.

Operational policies include privilege management, data/information handling, 
incident response, and use of company devices and services such as Internet access. 
One function of HR is to draft and communicate these written policies to employees, 
including any updates to the policies. Another function is to enforce disciplinary 
measures, perhaps in conjunction with departmental managers. 


PASSWORD POLICIES 


A password policy defines standards for password complexity. It also defines
what an organization considers weak passwords and gives guidelines for keeping
passwords safe. It specifies standards such as avoiding common passwords, how to
create strong passwords, and rules for not using work-related passwords for other
sites or services.


ACCEPTABLE USE POLICIES 


An Acceptable Use Policy (AUP), or Fair Use Policy, sets out what someone is 
allowed to use a particular service or resource for. Such a policy might be used in 
different contexts. For example, an AUP could be enforced by a business to govern 
how employees use equipment and services such as telephone or Internet access 
provided to them at work. Another example might be an ISP enforcing a fair use policy 
governing usage of its Internet access services. Enforcing an acceptable use policy is 
important to protect the organization from the security and legal implications of 
employees (or customers) misusing its equipment. Typically, the policy will forbid the 
use of equipment to defraud, defame, or to obtain illegal material. It is also likely to 
prohibit the installation of unauthorized hardware or software and to explicitly forbid 
actual or attempted intrusion (snooping). An organization's acceptable use policy may 
forbid use of Internet tools outside of work-related duties or restrict such use to break 
times. 


AUPs often include policies for the items listed in the following table. 
An AUP Policy for: Covers

* Rules of Behavior: The equipment used to access the Internet in the workplace
is owned by the employer. Many employees expect relatively unrestricted access to
Internet facilities for personal use. In fact, employees' use of social
networking and file sharing poses substantial risks to the organization,
including threat of virus infection or systems intrusion, lost work time,
copyright infringement, and defamation. If an employee breaks copyright laws or
libels someone using an organization's equipment, the organization itself could
be held liable. To avoid confusion, an employee's handbook should set out the
terms under which use of web browser/email/social networking/P2P software is
permitted for personal use, and what penalties infringements could incur.
Employers are within their rights to prohibit all private use of Internet
services. Users should be aware that any data communications, such as email, made
through an organization's computer system are liable to be stored within the
system, on servers, backup devices, and so on. Consequently, employees should not
use computers at work to send personal information, for their own security and
privacy if nothing else.
* Use of Personally Owned Devices in the Workplace: Portable devices such as
smartphones, USB thumb drives, media players, and so on pose a considerable
threat to data security as they facilitate file copying. Camera and voice
recording functions are other obvious security issues. Network access
control/endpoint security and data loss prevention solutions can be of some use
in preventing the attachment of such devices to corporate networks. Some
companies may try to prevent staff from bringing such devices on site. This is
quite difficult to enforce, though.


GUIDELINES FOR CREATING AND MAINTAINING 
DOCUMENTATION 


Note: All of the Guidelines for this lesson are available as checklists from the Checklist
tile on the CHOICE Course screen.


Here are some guidelines to follow when creating and maintaining your 
documentation. 


CREATE AND MAINTAIN DOCUMENTATION
Consider the following guidelines for creating and maintaining documentation:
* Keep an accurate record of the equipment and software within the organization,
including:
  * Deployed hardware, both complete systems and components.
  * Deployed software, both applications and operating systems.
  * Spare hardware, both complete systems and components.
  * Software that is not currently installed, both applications and operating systems.
* Use asset tags, either printed barcodes or RFID tags, to track equipment.
* Each asset record should include a copy of or link to the appropriate vendor
documentation.
* Document network components through the use of schematic block diagrams
showing physical and logical network structure.
* Maintain a library of reference documentation, including:
  * User and installation manuals.
  * Links to Internet and web-based resources.
  * Training materials.
* Document incidents through the use of standardized incident reports.
* Create and maintain organizational policies. This should include:
  * Personnel management policies.
  * Policy on how to handle confidential information.
  * Acceptable use policies.
Activity 18-2


Discussing Documentation Creation 
and Maintenance 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What role do barcodes play in managing inventory? 


2. What are the two main types of network topology diagrams? 


3. What is the purpose of a KB? 


4. What three broad types of incident documentation might a business 
require? 
5. While you are answering a service call on a computer that is located in a common
area of the office, you come across information showing that some unauthorized 
websites have been viewed. The activity has been linked to a particular user 
account. 


What is the appropriate action to take? 
Topic C


Use Basic Change Management Best 
Practices 


EXAM OBJECTIVES COVERED 
1002-4.2 Given a scenario, implement basic change management best practices.


Practically every technical deployment will face unforeseen issues. The IT project team 
members should address unexpected changes by using a process that keeps 
stakeholders informed and that minimizes impact on the overall project, especially the 
project's timelines and goals. 


CHANGE MANAGEMENT 


Configuration management means identifying all components of the information 
and communications technology (ICT) infrastructure (hardware, software, and 
procedures) and their properties. Change management means putting policies in 
place to reduce the risk that changes to these components could cause service 
disruption (network downtime). 


ITIL CONFIGURATION MANAGEMENT MODEL 

IT Infrastructure Library (ITIL®) is a popular documentation of good and best practice 
activities and processes for delivering IT services. Under ITIL, configuration 
management is implemented using the following elements: 


* Service assets are things, processes, or people that contribute to the delivery of an
IT service.
* A Configuration Item (CI) is an asset that requires specific management
procedures for it to be used to deliver the service. Each CI must be identified by
some sort of label. CIs are defined by their attributes, which are stored in a
Configuration Management Database (CMDB).
* Baseline is a fundamental concept in configuration management. The baseline
represents "the way it was." A baseline can be a configuration baseline (the ACL
applied to a firewall, for instance) or a performance baseline (such as the
throughput achieved by a server).
* A Configuration Management System (CMS) is the tools and databases that
collect, store, manage, update, and present information about CIs. A small network
might capture this information in spreadsheets and diagrams; there are dedicated
applications for enterprise CMS.

One of the goals of the CMS is to understand the relationships between CIs. Another is
to track changes to CI attributes (and therefore variance from the baseline) over time.

The purpose of documentation in terms of change and configuration management is
as follows:

* Identify each component (CI) and label it.
* Capture each CI and its (relevant) attributes in a CMDB.
* Capture relationships between CIs. This is best done using diagrams.
* Capture changes to a CI as a job log and update the CMDB.
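
The four documentation steps above, worked through as an added example that is not part of the course material. The CMDB class, CI labels, attribute names and values, and the job ticket number are all constructed for illustration. It captures a baseline, applies one ticketed change, then reports variance from the baseline, drift that no job log entry explains, and the CIs that depend on a changed item.

```python
from collections import deque
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass
class ConfigurationItem:
    label: str                                     # identifying label / asset tag
    attributes: dict                               # current attribute values
    depends_on: set = field(default_factory=set)   # labels of CIs this one relies on


class CMDB:
    """Hypothetical in-memory CMDB; a real CMS would persist these records."""

    def __init__(self):
        self.items = {}       # label -> ConfigurationItem
        self.baseline = {}    # label -> attribute snapshot ("the way it was")
        self.job_log = []     # one entry per authorized change

    def add(self, ci):
        self.items[ci.label] = ci

    def capture_baseline(self):
        self.baseline = {label: dict(ci.attributes) for label, ci in self.items.items()}

    def apply_change(self, label, attribute, new_value, ticket):
        """Change one attribute, but only under a job ticket, and log it."""
        if not ticket:
            raise PermissionError(f"{label}: change to {attribute!r} has no job ticket")
        ci = self.items[label]
        self.job_log.append({
            "when": datetime.now(timezone.utc).isoformat(timespec="seconds"),
            "ticket": ticket, "ci": label, "attribute": attribute,
            "old": ci.attributes.get(attribute), "new": new_value,
        })
        ci.attributes[attribute] = new_value

    def variance(self, label):
        """Attributes that differ from the baseline: {name: (baseline, current)}."""
        base = self.baseline.get(label, {})
        current = self.items[label].attributes
        return {k: (base.get(k), current.get(k))
                for k in sorted(set(base) | set(current))
                if base.get(k) != current.get(k)}

    def unlogged_drift(self, label):
        """Attributes whose current value is not explained by baseline + job log."""
        expected = dict(self.baseline.get(label, {}))
        for entry in self.job_log:
            if entry["ci"] == label:
                expected[entry["attribute"]] = entry["new"]
        current = self.items[label].attributes
        return sorted(k for k in set(expected) | set(current)
                      if expected.get(k) != current.get(k))

    def impacted_by(self, label):
        """Every CI that directly or indirectly depends on `label`."""
        seen, queue = set(), deque([label])
        while queue:
            target = queue.popleft()
            for other in self.items.values():
                if target in other.depends_on and other.label not in seen:
                    seen.add(other.label)
                    queue.append(other.label)
        return sorted(seen)


def build_demo():
    """Constructed three-CI network: workstation -> file server -> core switch."""
    cmdb = CMDB()
    cmdb.add(ConfigurationItem("SW-CORE-01", {"role": "core switch", "firmware": "1.0"}))
    cmdb.add(ConfigurationItem("SRV-FILE-01",
                               {"role": "file server", "os_build": "100",
                                "smb_signing": "required"}, {"SW-CORE-01"}))
    cmdb.add(ConfigurationItem("WS-ACCT-07",
                               {"role": "workstation", "os_build": "200"}, {"SRV-FILE-01"}))
    cmdb.capture_baseline()
    # Authorized change, recorded in the job log under a (constructed) ticket.
    cmdb.apply_change("SW-CORE-01", "firmware", "1.1", ticket="JOB-1042")
    # Out-of-band edit that bypassed the ticket process; the CMDB should flag it.
    cmdb.items["SRV-FILE-01"].attributes["smb_signing"] = "disabled"
    return cmdb


if __name__ == "__main__":
    cmdb = build_demo()
    for label in cmdb.items:
        print(label, "variance:", cmdb.variance(label),
              "unlogged:", cmdb.unlogged_drift(label))
    print("depends on SW-CORE-01:", cmdb.impacted_by("SW-CORE-01"))
```
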
DOCUMENTING CHANGES


Each individual system, server, and network component should have a separate 
document that describes its initial state and all subsequent changes. This document 
includes configuration information, a list of patches applied, backup records, and even 
details about suspected breaches. Printouts of hash results, last modification dates of 
critical system files, and contents of log files may be pasted into this book. System 
maintenance can be made much smoother with a comprehensive change document. 
For instance, when a patch is available for an operating system, it typically applies in 
only certain situations. Manually investigating the applicability of a patch on every 
possible target system can be very time consuming; however, if logs are available for 
reference, the process is much faster and more accurate. 
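
The hash results and last modification dates mentioned above can be recorded and re-checked with a short script. This is an added example, not part of the course material; the file names, contents, and timestamps are constructed, and the JSON layout used for the change document entry is an assumption.

```python
import hashlib
import json
import os
import tempfile
from datetime import datetime, timezone


def sha256_file(path, chunk=65536):
    """SHA-256 of a file, read in chunks so large files do not fill memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def record_state(paths):
    """Hash and last-modified time for each file, ready to file in the change document."""
    state = {}
    for path in paths:
        mtime = os.stat(path).st_mtime
        state[path] = {
            "sha256": sha256_file(path),
            "modified": datetime.fromtimestamp(mtime, timezone.utc).isoformat(timespec="seconds"),
        }
    return state


def compare_state(recorded, paths):
    """Compare files on disk with the recorded state; return (path, finding) pairs."""
    findings = []
    for path in sorted(set(recorded) | set(paths)):
        if path not in recorded:
            findings.append((path, "not in change document"))
        elif not os.path.exists(path):
            findings.append((path, "missing"))
        else:
            now = record_state([path])[path]
            if now["sha256"] != recorded[path]["sha256"]:
                findings.append((path, "content changed"))
            elif now["modified"] != recorded[path]["modified"]:
                findings.append((path, "timestamp changed, content identical"))
    return findings


def demo():
    """Constructed files standing in for critical system files."""
    with tempfile.TemporaryDirectory() as root:
        paths = [os.path.join(root, n) for n in ("hosts", "services.conf", "startup.cfg")]
        for path in paths:
            with open(path, "w") as fh:
                fh.write(f"constructed contents of {os.path.basename(path)}\n")
            os.utime(path, (1_700_000_000, 1_700_000_000))   # fixed, constructed mtime
        document = json.dumps(record_state(paths), indent=2)  # entry for the change document

        # Later: one file edited, one only touched, one deleted, one added.
        with open(paths[0], "a") as fh:
            fh.write("10.0.0.99 intranet\n")
        os.utime(paths[1], (1_700_000_500, 1_700_000_500))
        os.remove(paths[2])
        extra = os.path.join(root, "new.cfg")
        open(extra, "w").close()

        findings = compare_state(json.loads(document), paths + [extra])
        return [(os.path.basename(p), finding) for p, finding in findings]


if __name__ == "__main__":
    for name, finding in demo():
        print(f"{name}: {finding}")
```
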


Note: An example of change management documentation that you can use as a starting
point when creating this document for your organization can be found at
https://www.sans.org/summit-archives/file/summit-archive-1493830822.pdf.


DOCUMENTED BUSINESS PROCESSES 


Depending on the needs of your organization, you might need general business 
processes to be documented, or you might need every single thing that happens 
throughout the workday documented. The latter usually applies to businesses that 
need FDA or other governmental approval to produce and sell goods and services. At 
the minimum, you should document changes made to systems such as when a new 
employee comes on board or when an employee leaves and what happens to their 
hardware and software when those events occur. You will also want to document how 
various tasks are completed throughout the organization, including how systems are 
configured, how the network is configured, what criteria are required for making
changes to any equipment that is deployed, how and when to replace equipment, and 
many other aspects of having an organization filled with computing devices. 


SOPs AND WORK INSTRUCTIONS 


The main difficulty in implementing a workable configuration management system is in 
determining the level of detail that must be preserved. This is not only evident in 
capturing the asset database and configuration baseline in the first place, but also in 
managing Moves, Adds, and Changes (MACs) within the organization's computing 
infrastructure. In terms of computing tasks, a CMS will require that configuration 
changes be made only when there is a valid job ticket authorizing the change. This 
means that the activity of all computer support personnel, whether it be installing new 
devices or troubleshooting, is recorded in job logs. In a fully documented environment, 
each task will be governed by some sort of procedure. Formal configuration 
management models often distinguish between two types of procedural 
documentation: 


* A Standard Operating Procedure (SOP) sets out the principal goals and
considerations (such as budget, security, or customer contact standards) for
performing a task and identifies lines of responsibility and authorization for
performing it.
* A Work instruction is step-by-step instructions for performing an installation or
configuration task using a specific product or technology and credentials.


CHANGE MANAGEMENT DOCUMENTATION 

To reduce the risk that changes to configuration items will cause service disruption, a
documented management process can be used to implement change in a planned and
controlled way. Change requests are usually generated when something needs to be
corrected, new business needs or processes are identified, or there is room for
improvement in a process or system currently in place. The need to change is often
described either as reactive, where the change is forced on the organization, or as
proactive, where the need for change is initiated internally. Changes can also be
categorized according to their potential impact and level of risk (major, significant,
minor, or normal, for instance).

In a formal change management process, the need or reasons for change and the
procedure for implementing the change are captured in a Request for Change (RFC)
document and submitted for approval.

Change request documentation should include: 


* The purpose of the change.
* The scope of the change.
* A risk analysis of both performing the change and not performing the requested
change.
* A documented plan for carrying out the change.
* A method to acquire end-user acceptance that the change was performed to their
satisfaction and that the change was properly implemented.
* A backout plan in case unforeseen problems arise when the change is made.
* Document all changes that were made.


CHANGE BOARD APPROVAL 

The RFC will then be considered at the appropriate level and affected stakeholders will 
be notified. This might be a supervisor or department manager if the change is normal 
or minor. Major or significant changes might be managed as a separate project and 
require approval through a Change Advisory Board (CAB). 


PROCESS FOR INSTITUTING CHANGE TO OPERATIONAL 
POLICIES AND PROCEDURES 


Regardless of whether an organization is large enough to require formal change 
management procedures and staff, the implementation of changes should be carefully 
planned, with consideration for how the change will affect dependent components. For 
most significant or major changes, organizations should attempt a trial 
implementation of the change first. Every change should be accompanied by a rollback 
(or backout) plan, so that the change can be reversed if it has harmful or unforeseen 
consequences. Changes should also be scheduled sensitively if they are likely to cause 
system downtime or other negative impact on the workflow of the business units that 
depend on the IT system being modified. Most organizations have a scheduled 
maintenance window period for authorized downtime. 


When the change has been implemented, its impact should be assessed and the 
process reviewed and documented to identify any outcomes that could help future 
change management projects. 


GUIDELINES FOR USING CHANGE MANAGEMENT BEST 
PRACTICES 


Here are some best practices to follow regarding change management. 


USE CHANGE MANAGEMENT BEST PRACTICES 

Consider these best practices guidelines for using change management: 

* Create a separate document for each individual system, server, and network
component that describes its initial state and all subsequent changes. This
document includes:
  * Configuration information
  * Applied patch list
  * Record of backups
  * Details about suspected security breaches
* Configuration management using ITIL should be implemented using:
  * Service assets
  * Configuration items
  * Configuration Management Database (CMDB)
  * Baselines
  * Configuration Management System
* Document the need or desire for a change using an RFC document.
* RFCs should be considered at the appropriate level and affected stakeholders
notified.
* Major or significant changes might be managed as a separate project and require
approval through a Change Advisory Board (CAB).
* Follow documented SOPs and Work Instructions when performing moves, adds,
and changes.
* Implementation of changes should be carefully planned, with consideration for how
the change will affect dependent components.
* For most significant or major changes, organizations should attempt to trial the
change first.
* Every change should be accompanied by a rollback (or remediation) plan.
* Changes should also be scheduled sensitively if they are likely to cause system
downtime or other negative impact on workflow.
* When the change has been implemented, its impact should be assessed and the
process reviewed and documented to identify any outcomes that could help future
change management projects.
Activity 18-3


Discussing Change Management Best 
Practices 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. Why are documented business processes essential for effective change 
management? 


2. What are the main components of an RFC? 


3. What is a change board? 
Topic D


Implement Disaster Prevention and 
Recovery Methods 


EXAM OBJECTIVES COVERED 
1002-4.3 Given a scenario, implement basic disaster prevention and recovery methods.


Ensuring that data, applications, client computers, servers, and other network 
resources are available to users is part of a computer technician's responsibilities. This 
can be challenging when hardware fails or a natural disaster strikes. In this topic, you 
will see how to implement measures related to disaster prevention and recovery. 


DISASTER PREVENTION AND RECOVERY 


A disaster could be anything from a fairly trivial loss of power or failure of a minor 
component to man-made or natural disasters, such as fires, earthquakes, or acts of 
terrorism. An organization sensitive to these risks will develop an effective, 
documented Disaster Recovery Plan (DRP). This should accomplish the following: 


* Identify scenarios for natural and man-made disasters and options for protecting 
systems. 

* Identify tasks, resources, and responsibilities for responding to a disaster. 

* Train staff in the disaster planning procedures and how to react well to change. 


When a disaster occurs, the failover recovery plan will swing into action to get the 
failed part of the network operational as soon as possible. If a disk has failed, swap it 
out. If a network component has failed, remove and replace or repair the component 
to provide for high reliability as soon as possible. If data becomes corrupted or lost, 
utilize your restoration plan to recover the data. 


DATA BACKUP AND RESTORATION 


One of the important tasks you will need to perform as an A+ technician is making sure 
that users' data and system settings are being backed up in case things go awry. 


Data backup is a system maintenance task that enables you to store copies of critical 
data for safekeeping. Backups protect against loss of data due to disasters such as file 
corruption or hardware failure. Data restoration is a system recovery task that 
enables you to access the backed-up data. Restored data does not include any changes 
made to the data after the backup operation. Data backups can be accomplished 
simply by copying individual files and folders to a local or network location or by using 
dedicated software and hardware to back up large amounts of data. 


Backup operations can be performed at different levels: 

* File level—this is used to back up user-generated files stored in local profile folders
or network shares. Almost all backup software can perform this basic task.
* Image-level—this is used to back up an OS and can include third-party software
applications, drivers, and custom settings installed under the OS. An image can be
used both to restore physical computers and Virtual Machines (VM).
* Critical applications—network applications often depend on some sort of
database for storage rather than individual file-based storage. Specialist backup
software is required to connect to the database. Backups can be made of the whole
database or of individual tables and records.


Note: As well as the application data and settings, make sure you make a backup of 
product keys and license information. These might be required to restore the application 
license. 


Many devices and user accounts include cloud storage space. If you store your data in 
a cloud storage site, the onus of performing backups is left to the provider of the cloud 
space. This data is often also stored on your local storage device, so you have two 
copies already. Examples include photos and music stored on smart phones being 
automatically copied to the platform's related cloud storage site such as iCloud® for 
Apple® devices and Google Drive™ for Android™ devices. 


BACKUP MANAGEMENT 


The execution and frequency of backups must be carefully planned and guided by 
policies. Backups are kept back to certain points in time. As backups take up a lot of 
space, and there is never limitless storage capacity, this introduces the need for 
storage management routines and techniques to reduce the amount of data occupying 
backup storage media while giving adequate coverage of the required recovery 
window. The recovery window is determined by the Recovery Point Objective (RPO), 
which is determined through business continuity planning. 




Backing up a domain controller using Acronis backup. The How Long to Keep field specifies the 
retention period. (Screenshot courtesy of acronis.com.) 


Data retention needs to be considered in the short and long term: 


* In the short term, files that change frequently might need retaining for version 
control. Short term retention is also important in recovering from malware 
infection. Consider the scenario where a backup is made on Monday, a file is 
infected with a virus on Tuesday, and when that file is backed up later on Tuesday, 
the copy made on Monday is overwritten. This means that there is no good means 
of restoring the uninfected file. 

* In the long term, data may need to be stored to meet legal requirements or to 
comply with company policies or industry standards. 

A retention policy can either be based on redundancy (the number of copies of each 
file that should be retained) or on a recovery window (the number of days into the past 
that should be retained). 
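
The two retention approaches applied to the Monday/Tuesday scenario above, as an added Python example that is not part of the course material. The dates, the nightly 11:00 PM schedule and the function names are constructed for illustration; the example also goes beyond the scenario by showing how many nights pass before the last clean copy is pruned.

```python
from datetime import datetime, timedelta

# Constructed timeline: nightly backups at 11:00 PM starting on a Monday,
# and a file that is infected on Tuesday morning.
FIRST_BACKUP = datetime(2018, 11, 5, 23, 0)   # Monday
INFECTED_AT = datetime(2018, 11, 6, 10, 0)    # Tuesday


def keep_copies(copies):
    """Redundancy-based policy: retain the newest `copies` versions."""
    def policy(versions, now):
        return sorted(versions, key=lambda v: v["taken"])[-copies:]
    return policy


def keep_days(days):
    """Recovery-window policy: retain every version from the last `days` days."""
    def policy(versions, now):
        cutoff = now - timedelta(days=days)
        return [v for v in versions if v["taken"] >= cutoff]
    return policy


def run_nightly(policy, nights):
    """Back up one file for `nights` nights, pruning after each backup."""
    versions = []
    for n in range(nights):
        taken = FIRST_BACKUP + timedelta(days=n)
        # Any copy made after the infection time contains the infected file.
        versions.append({"taken": taken, "infected": taken > INFECTED_AT})
        versions = policy(versions, taken)
    return versions


def clean_copy(versions):
    """Newest retained version made before the infection, or None."""
    clean = [v for v in versions if not v["infected"]]
    return max(clean, key=lambda v: v["taken"]) if clean else None


def nights_until_clean_copy_lost(policy, limit=60):
    """Number of nightly backups after which no clean version is left."""
    for nights in range(1, limit + 1):
        if clean_copy(run_nightly(policy, nights)) is None:
            return nights
    return None


if __name__ == "__main__":
    for label, policy in [("1 copy", keep_copies(1)),
                          ("2 copies", keep_copies(2)),
                          ("7-day window", keep_days(7))]:
        print(label, "-> no clean copy after night",
              nights_until_clean_copy_lost(policy))
```

With a single retained copy the clean version is gone on Tuesday night, which is the scenario in the text; a larger copy count or a recovery window only helps if it is longer than the time taken to notice the infection.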


BACKUP TYPES 


When considering a backup made against an original copy of data, the backup can 
usually be performed using one of three main types: full, incremental, or differential. In 
Windows®, a full backup includes all selected files and directories, whereas incremental 
and differential backups check the status of the archive attribute before including a 
file. The archive attribute is set whenever a file is modified. This allows backup 
software to determine which files have been changed and therefore need to be copied. 


Note: Linux doesn't support a file archive attribute. Instead, a date stamp is used to 
determine whether the file has changed. 


The following table summarizes the three different backup types. 


Type          Data Selection                          Backup/Restore Time             Archive Attribute 
Full          All selected data regardless of when    High/low (one tape set)         Cleared 
              it was previously backed up 
Incremental   New files and files modified since      Low/high (multiple tape sets)   Cleared 
              last backup 
Differential  All data modified since the last full   Moderate/moderate (no more      Not Cleared 
              backup                                  than 2 sets) 


A typical strategy for a complex network would be a full weekly backup followed by an 
incremental or differential backup at the end of each day. 


* The advantage of using a full daily backup is that only one tape set is required to 
restore the system. 

* The advantage of an incremental backup is that it takes less time to back up, but 
several tape sets may need to be restored before the system is operational. 

* The advantage of a differential backup is the balance of time for both restoring and 
backing up. 


Caution: Do not combine differential and incremental backups. Use full backups 
interspersed with differential backups, or full backups interspersed with incremental 
backups. 


Note: Most software also has the capability to do copy backups. These are made outside 
the tape rotation system (ad hoc) and do not affect the archive attribute. 
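
How the archive attribute drives each backup type, and why the Caution above matters, as an added Python simulation that is not part of the course material. The in-memory Volume class, the file names and the function names are constructed for illustration.

```python
class Volume:
    """Toy file system: file name -> [content, archive_attribute]."""

    def __init__(self):
        self.files = {}

    def write(self, name, content):
        # Creating or modifying a file sets its archive attribute.
        self.files[name] = [content, True]

    def contents(self):
        return {name: entry[0] for name, entry in self.files.items()}


def run_backup(volume, kind):
    """Copy files into a backup set and update archive attributes."""
    if kind == "full":
        selected = list(volume.files)            # everything, attribute ignored
    elif kind in ("incremental", "differential"):
        selected = [n for n, e in volume.files.items() if e[1]]
    else:
        raise ValueError("unknown backup type: " + kind)
    backup_set = {"kind": kind,
                  "files": {n: volume.files[n][0] for n in selected}}
    if kind != "differential":                   # differential leaves it set
        for name in selected:
            volume.files[name][1] = False
    return backup_set


def restore_chain(history):
    """Sets needed to restore the latest state: the last full backup plus
    every later incremental, or only the newest later differential."""
    last_full = max(i for i, s in enumerate(history) if s["kind"] == "full")
    later = history[last_full + 1:]
    if later and all(s["kind"] == "differential" for s in later):
        later = later[-1:]
    return [history[last_full]] + later


def restore(sets):
    """Apply backup sets oldest first; later copies replace earlier ones."""
    state = {}
    for backup_set in sets:
        state.update(backup_set["files"])
    return state


def weekly_cycle(daily_kind):
    """Weekend full backup followed by three daily backups of one type."""
    vol = Volume()
    vol.write("payroll.xlsx", "v1")
    vol.write("notes.txt", "v1")
    history = [run_backup(vol, "full")]
    for name, content in [("payroll.xlsx", "v2"),    # Monday's change
                          ("notes.txt", "v2"),       # Tuesday's change
                          ("plan.docx", "v1")]:      # Wednesday's new file
        vol.write(name, content)
        history.append(run_backup(vol, daily_kind))
    return vol, history


def mixed_schedule():
    """Full, then an incremental, then a differential (the combination the
    Caution warns against)."""
    vol = Volume()
    vol.write("payroll.xlsx", "v1")
    vol.write("notes.txt", "v1")
    full = run_backup(vol, "full")
    vol.write("payroll.xlsx", "v2")
    run_backup(vol, "incremental")       # clears payroll's archive attribute
    vol.write("notes.txt", "v2")
    diff = run_backup(vol, "differential")
    return vol, full, diff


if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        vol, history = weekly_cycle(kind)
        chain = restore_chain(history)
        print(kind, "-> sets to restore:", len(chain),
              "| matches live data:", restore(chain) == vol.contents())
    vol, full, diff = mixed_schedule()
    print("mixed, full + latest differential:", restore([full, diff]))
    print("live data:                        ", vol.contents())
```

In the mixed schedule the differential no longer holds everything changed since the full backup, because the incremental cleared the attribute on payroll.xlsx; restoring the full set plus the latest differential returns the stale v1 copy.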


RECOVERY IMAGES 


A custom recovery image contains the current state of the operating system files, plus 
all of the desktop applications installed to the boot partition. An image can be used to 
restore the OS and any critical applications to a workstation or VM in one step. A new 
image must be created if any additional applications are installed or configuration 
changes made. 

If user account profiles are stored on the same partition or drive as the OS, this user 
data will be included in the image. As images take a relatively long time to create, it is 
better to back up user data separately using file level backups. User profiles or home 
folders might be stored on a network file server to make them easier to back up. 


BACKUP TESTING 


Before you use a backup to restore data, test it to make sure it's reliable. To test the 
backup: 

* Try restoring some of the backed-up data into a test directory, making sure you 
don't overwrite any data when doing so. 

* Configure the backup software to verify after it writes. 

* Verify that the backup contains all the required files. 

* Test backup devices and media on a regular basis. 
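
One way to carry out the first and third checks above, as an added Python example that is not part of the course material: restore into an empty test directory and compare SHA-256 hashes against a manifest recorded when the backup was taken. A plain directory copy stands in for the backup software's restore step, and the file names and function names are constructed.

```python
import hashlib
import os
import shutil
import tempfile


def manifest(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            result[rel] = digest.hexdigest()
    return result


def verify_restore(backup_dir, expected, restore_into):
    """Restore into an empty test directory and compare with the manifest
    recorded at backup time. Refuses to write over existing data."""
    if os.path.exists(restore_into) and os.listdir(restore_into):
        raise FileExistsError("test directory is not empty: " + restore_into)
    # Assumption: a directory copy stands in for the real restore operation.
    shutil.copytree(backup_dir, restore_into, dirs_exist_ok=True)
    restored = manifest(restore_into)
    return {
        "missing": sorted(set(expected) - set(restored)),
        "corrupt": sorted(n for n in expected
                          if n in restored and restored[n] != expected[n]),
        "unexpected": sorted(set(restored) - set(expected)),
    }


def _write(path, data):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)


def demo():
    """Constructed case: one file damaged and one file lost on the backup."""
    with tempfile.TemporaryDirectory() as tmp:
        source = os.path.join(tmp, "LABFILES")
        _write(os.path.join(source, "a.txt"), b"alpha")
        _write(os.path.join(source, "docs", "b.txt"), b"bravo")
        _write(os.path.join(source, "docs", "c.txt"), b"charlie")
        expected = manifest(source)              # recorded at backup time
        backup = os.path.join(tmp, "backup")
        shutil.copytree(source, backup)
        _write(os.path.join(backup, "a.txt"), b"alphA")     # media error
        os.remove(os.path.join(backup, "docs", "c.txt"))    # file not stored
        return verify_restore(backup, expected,
                              os.path.join(tmp, "restore-test"))


def demo_overwrite_guard():
    """The check must not restore on top of data that already exists."""
    with tempfile.TemporaryDirectory() as tmp:
        backup = os.path.join(tmp, "backup")
        target = os.path.join(tmp, "in-use")
        _write(os.path.join(backup, "a.txt"), b"alpha")
        _write(os.path.join(target, "a.txt"), b"current work")
        try:
            verify_restore(backup, manifest(backup), target)
        except FileExistsError:
            return True
        return False


if __name__ == "__main__":
    print(demo())
    print("overwrite refused:", demo_overwrite_guard())
```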


OFF-SITE AND LOCAL STORAGE 


Typically, the backups you create are stored off-site. If disaster strikes the facility where 
your servers are located, you won't lose your backup media as well. You might want to 
keep a set of backup media on site as well, so that you have instant access to the 
backups in case files are accidentally deleted or corrupted. For off-site storage, you 
might use a bank safety deposit box for small organizations, or you might contract with 
a firm that specializes in securely storing backups. Cloud storage services provide an 
effective means of storing backed up data off-site. Specialist cloud backup providers 
allow the scheduling and data transfer all to be managed from the cloud console. For 
on-site storage, consider using a fireproof safe. 

Wherever you decide to keep your backups, environmental considerations must be 
taken into account. Do not store the backups where there is high heat or humidity, 
which could damage the backup medium. Be sure not to store the backups near 
equipment with strong magnets that could erase the data and damage the backup 
media. 


BACKUP STORAGE SECURITY 


There are various best practices for ensuring security of backup data. They include: 


* Authentication of users and backup clients to the backup server. 

* Role based access control lists for all backup and recovery operations. 

* Data encryption options for both backup transmission and storage. 

* Backup of remote clients to a centralized location behind firewalls. 

* Default data storage locations must be standardized. 

* Create a policy that defines where documents are backed up from. 

* Use segregation of duties enforced by policy for all personnel handling backup data. 

* Document all access, testing, backup, and restore cycles. 


ACCOUNT RECOVERY 


Users are likely to have several different accounts to maintain, each with its own 
password and login name. Frequently, users will forget the password for an account or 
there may be some sort of fault preventing use of a smart card or biometric 
credentials. Usually to recover an account password, you will need to input the 
answers to one or more challenge questions and/or receive a token sent to another 
trusted device or email account. 


If password recovery methods do not work, or if the account profile has been deleted 
or corrupted, you might need to recreate the account or set up a new account then 
import any backed up data and settings to the new account. Windows uses an SID to 
identify each account in file ACLs. If you recreate an account, it will not have the same 
SID and you will have to reconfigure file permissions and group memberships. 


Note: If an account profile is corrupted, the key required to decrypt files encrypted using 
EFS might be lost or damaged. The key is based on the user password. On a domain, you 
can configure recovery agents with the ability to restore the encryption keys. 


GUIDELINES FOR IMPLEMENTING DISASTER RECOVERY 
AND PREVENTION METHODS 


Here are some guidelines to follow to help you implement disaster recovery and 
prevention. 


IMPLEMENT DISASTER RECOVERY AND PREVENTION METHODS 


Consider these guidelines when implementing disaster recovery and prevention 
methods: 


* A disaster recovery plan should: 
  * Identify scenarios for natural and man-made disasters and options for protecting 
    systems. 
  * Identify tasks, resources, and responsibilities for responding to a disaster. 
  * Train staff in the disaster planning procedures and how to react well to change. 

* Perform backups of data and configuration files on a regular basis. This might be at 
the file level or the image level. Critical applications should also be backed up. 

* Determine the frequency of backups. This might be hourly, daily, weekly, monthly, 
or some other interval appropriate for the data and information in your 
organization. 

* Determine data retention needs in both the short and the long term. 

* Determine whether you need to perform full, incremental, or differential backups. 

* Create a custom recovery image for use in restoring a computer. 

* Be aware that when you restore data from a backup, the data is only as current as 
the backup from which you are restoring, so some data might need to be recreated. 

* Test backups after they are created. 

* Determine where backups will be stored both locally and offsite. 

* Document the account recovery methods that will be needed for any systems, 
applications, or websites used by the organization. 


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 

Activity 18-4 


Discussing Disaster Prevention and Recovery 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. At which general levels are backups made to facilitate disaster recovery? 


2. What tests can you perform to ensure the integrity of backup settings and 
media? 


3. For which backup/restore issue is a cloud-based backup service an effective 
solution? 


4. What provisions can you make for account recovery? 

Activity 18-5 


Configuring Windows Backup 


BEFORE YOU BEGIN 
Complete this activity using Hyper-V Manager and the PC1 (Windows 10) VM. 


SCENARIO 

In this activity, you will look at how File History and Windows Image Backup can be 
used to facilitate disaster recovery. You cannot attach removable media to the VM, so 
you will use a second virtual hard disk (VHD) for this activity to simulate a removable 
drive. 


1. Attach a second virtual hard disk to PC1. Name it BACKUP and use the default 
capacity (127 GB). 
a) On the HOST computer, in Hyper-V Manager, right-click PC1 and select Settings. 

b) Select the SCSI Controller node and then, with Hard Drive selected in the box, select 
the Add button. 

c) Select the New button. 

d) On the Before You Begin page, select Next. 

e) With Dynamically expanding selected, select Next. 

f) In the Name box, type BACKUP. In the Location box, type C:\COMPTIA-LABS\TEMP and 
then select Finish. 

g) In the Settings dialog box, select OK. 


2. Start the VM and sign in as Admin. Initialize the new disk and format it with NTFS. 

a) Start the PC1 VM and sign on using the account Admin and password Pa$$w0rd 

b) Right-click Start and select Disk Management. 

c) In the Initialize Disk dialog box, select OK. 

d) In the bottom of the window, right-click the Unallocated box on Disk 1 and select 
New Simple Volume. 

e) In the New Simple Volume Wizard, select Next twice to use all the available space 
on the disk. 

f) On the Assign Drive Letter or Path page, from the list box, select B and then select 
Next. 

g) In the File system box, verify that NTFS is selected. In the Volume label box, type 
BACKUP and then select Next. 


h) Select Finish. 
i) Close Disk Management. 


3. Turn on File History for the BACKUP drive, and configure File History to include 
the C:\LABFILES folder. 
a) Open the Documents folder, and create some Paint files and some text files. 
You will use these as sample data for the backup. 
b) Click in the Instant Search box, type backup and then select the Backup settings icon 
from the search results. 
c) In the Settings app, select Add a drive. 
d) In the left pane, select BACKUP (B:). 
Note: If Settings crashes, open it again and re-select the BACKUP (B:) drive. 


The Automatically back up my files toggle should be switched to On. 




Configuring File History backup. (Screenshot used with permission from Microsoft.) 
e) Select More options. 
f) Select Add a folder. Select C:\LABFILES and then select Choose this folder. 
g) Select Back up now. 
Leave the Settings app open. 


4. Create another File History restore point, and then explore options for restoring 
files. 

a) Open the Documents folder, and then create some more files and edit some of the 
files you created already. 

b) In the Settings app, select Back up now. 

Note: If the backup you started previously is still running, wait for it to finish, 
then select Back up now. 

c) Click in the Instant Search box, type file history, and then select the Restore your 
files with File History icon in the search results. 


A list of backed up folders is displayed, including LABFILES. 




Browsing restore points in File History. (Screenshot used with permission from Microsoft.) 

d) In the File History window, open the Documents folder (or library). 

e) Use the arrows next to the green Restore button to browse the different versions. 

f) Select the earliest version of one of your Paint pictures and select Restore. 

g) In the Replace or Skip Files dialog box, select Compare info for both files. 
If this had been a previous file version that had been deleted or damaged, the user 
could now compare the files and decide which version should be kept. 

h) In the File Conflict dialog box, check all the boxes and then select Continue. 




Restoring a file. (Screenshot used with permission from Microsoft.) 

5. Create a system image and save it to the BACKUP folder. 

a) Right-click Start and select Run. In the box, type control /name microsoft.backupandrestore 
and then select OK. 
You can use the control command to open any Control Panel applet, if you know 
what its name is. 

b) Select Create a system image. 

c) In the Create a system image wizard, with BACKUP (B:) selected, select Next. 

d) Select Start backup. 
It will take a few minutes for the image to be created. 

e) When backup is complete, in the System repair disc prompt, select No. 

f) Select Close. 

g) Optionally, use the Set up backup link to view the older Windows backup tool. 
This is the interface you would need to use to back up a Windows 7 PC. 




Windows Backup and Restore. This tool is available in Windows 7 and you may prefer to 
use it in Windows 10 too. (Screenshot used with permission from Microsoft.) 


6. Shut down PC1 and then export the VM so that you can use the BACKUP drive in 
another VM. 

a) Shut down PC1. 

b) In Hyper-V Manager, right-click the PC1 VM and select Checkpoint. 

c) In the Checkpoints pane, right-click the new checkpoint and select Export. 

d) In the Export Virtual Machine dialog box, select Browse. 

e) Select the C:\COMPTIA-LABS\TEMP folder. Select the New folder button and create a 
new folder named VMBACKUP. With the VMBACKUP folder selected, select the 
Select Folder button. 

f) In the Export Virtual Machine dialog box, select Export. Wait for the Status column 
to clear. 
This will take about 10 minutes to complete. 

Obviously, you could have performed a backup of the VM by doing this in the first 
place, but the point of this exercise is to demonstrate approximately how image 
backup would work on a physical machine. The procedure to mimic the rescue disc is 
a bit more convoluted because you don't have a VM that can burn DVDs, and there's 
no simple option to create a file-based ISO rescue disc. 


7. Create a new VM, and attach the exported BACKUP virtual disk file as a second 
disk. 

a) In Hyper-V Manager, in the Actions pane, select New—Virtual Machine. 

b) On the Before You Begin page, select Next. 

c) In the Name box, type RESTORE 

d) Check the Store the virtual machine in a different location box. In the Location 
text box, type C:\COMPTIA-LABS\TEMP\VMBACKUP and then select Next. 

e) Select Generation 2 and select Next. 

f) Select Next to accept the default memory allocation. 

g) From the Connection list box, select vLOCAL. Select Next. 

h) Select Next to accept the default disk configuration. 

i) Select Install an operating system from a bootable image file. Select the Browse 
button and select C:\COMPTIA-LABS\win10.iso or a file location and name as 
suggested by your instructor. Select Open. 

j) Select Finish. 

k) In Hyper-V Manager, right-click the RESTORE VM and select Settings. 

l) Select the SCSI Controller node and then, with Hard Drive selected in the box, select 
the Add button. 

m) Select the Browse button. Select C:\COMPTIA-LABS\TEMP\VMBACKUP\PC1\Virtual 
Hard Disks\BACKUP.vhdx and then select Open. 

n) In the Settings for RESTORE dialog box, select OK. 


8. Use the product disc to boot the new VM, and then use the Recovery Environment 
to restore the image from the BACKUP drive. 


a) Double-click the RESTORE VM icon to open a connection window. 

b) In the Virtual Machine Connection window, select the Start button. 

c) When you see the message Press any key to boot from CD or DVD, press a key. If 
you miss this, press Ctrl+Alt+End to reboot and try again. 

d) In the Windows Setup dialog box, select Next. 

e) Select Repair your computer. 

f) In the Windows Recovery Environment, select Troubleshoot. 

g) Select System Image Recovery. 

h) With Use the latest available system image selected, select Next. 




Performing a system image restore. (Screenshot used with permission from Microsoft.) 

i) Do not change any restore options. Select Next. 

j) Select Finish and then confirm the prompt by selecting Yes. 
This will take about 5 minutes. 

k) When the Re-image your computer process is complete, the VM will reboot. Select 
Restart now if necessary. 

l) In the Connect to RESTORE dialog box, select an appropriate screen resolution and 
then select the Connect button. 

m) Sign in as Admin with the password Pa$$w0rd. Open the Documents folder, and 
verify that the files you created are present. You could also check that File History is 
still configured. 

A system image backup preserves the exact configuration of the OS system and boot 
drives as they are at the time the image was created. You have included some 
"personal" data files in this image. This isn't really best practice. Keep the tasks of 
maintaining system images and using file-level backup separate. 


9. You need to revert the changes you made and delete the VM you created. Please 
complete these steps carefully to ensure the other activities continue to function 
as expected. 

a) On the RESTORE VM, from the connection window, select Action—Revert. If you are 
prompted, select the Revert button to confirm. 

b) In Hyper-V Manager, right-click the RESTORE VM and select Delete. In the 
confirmation dialog box, select Delete. 

c) Select PC1. In the Checkpoints pane, right-click the Initial Config checkpoint and 
select Apply. In the confirmation dialog box, select Apply. 

d) In the Checkpoints pane, right-click the dated checkpoint and select Delete 
Checkpoint. In the confirmation dialog box, select Delete. 

e) Open File Explorer and delete the contents of the C:\COMPTIA-LABS\TEMP folder. 




Topic E 


Basic Scripting Concepts 


EXAM OBJECTIVES COVERED 
* 1002-4.8 Identify the basics of scripting. 


Many IT support tasks are quite straightforward but repetitive. Whenever people are 
called upon to perform repetitive tasks, there is quite a high chance that they will make 
mistakes. Developing scripts to automate these repetitive tasks means that they can be 
performed with greater consistency. Also, if you want to change something about the 
configuration, it is easier to tweak the script than to adjust a large number of desktops 
or user accounts manually. As a CompTIA A+ technician, you are highly likely to work in 
environments that make use of scripting. You should understand the basics of how a 
script is written and executed. 


SCRIPT FILES 


A script file is a text document containing commands. The commands might be 
operating system commands that are run in the order they are listed in the script file. 
In other cases, the script file lists instructions from a particular scripting language that 
are interpreted by a command interpreter designed for that particular scripting 
language. When you access a script file, if the appropriate interpreter is installed on the 
computer, the instructions contained in the file are run or executed. You can also 
open the script file in any text editor, such as Windows Notepad. 


Note: You can modify any script in a basic text editor such as Notepad, but using a text 
editor with script support is more productive. Script support means the editor can parse 
the syntax of the script and highlight elements of it appropriately. For complex scripts, 
you might use an Integrated Development Environment (IDE). This will provide 
autocomplete features to help you write and edit code and debugging tools to help 
identify if the script is executing correctly. 


SCRIPTING LANGUAGES 


In computer programming, there are several types of instruction sets. 

* One is a compiled program, in which the instructions are performed by the 
computer processor. Examples of compiled language programs are Perl, Java™, C, 
and C++®. 

* The second type is a script, in which the instructions are interpreted and carried out 
by another program such as the operating system or a command interpreter. 

* Examples of script languages include Visual Basic®, Python®, and JavaScript® 
scripts. These are general purpose scripting languages. 

* Batch files and PowerShell® in Windows® operating systems and shell scripts in 
the Linux® operating system are also considered script files. These languages 
support the automation and configuration of a particular operating system. 

* Most languages can call (or "wrap") system commands as part of the code and can 
therefore also be used for scripting. 


File extensions for each of these scripting languages are shown in the following table. 

Scripting Language    File Extension 
Windows batch file    .bat 
PowerShell            .ps1 
Linux shell script    .sh 
VBScript              .vbs 
JavaScript            .js 
Python                .py 


Whatever language is used to create it, a script is usually a smaller piece of code than a 
program. A script is generally targeted at completing a specific task, whether that task 
is based within a web-based application or is used by a network administrator to 
perform a repetitive administrative task. Although a program usually provides some 
sort of unique functionality, anything a script does could usually be performed 
manually by a user. 


Writing scripts is a good place to learn the basics about programming. They are usually 
simpler to learn, require no compiling, and are well documented on the Internet 
should you require guidance or samples. 


BATCH FILES 


Batch files are a collection of command-line instructions that you store in a .BAT file. 
You can run the file by calling its name from the command-line, or double-clicking the 
file in File Explorer. Generally, batch file scripts run from end to end, and are limited in 
terms of branching and user input. 


    @echo off
    Rem Save the full IP configuration to a text file
    Ipconfig /all > report.txt
    Echo Press a key to view report
    Rem Wait for a key press without showing the default pause message
    Pause > nul
    Notepad report.txt

An example of a Windows batch file. (Screenshot used with permission from Microsoft.) 


WINDOWS POWERSHELL 

Windows PowerShell enables you to perform management and administrative tasks in 
Windows 7 and later. It is fully integrated with the operating system and supports both 
remote execution and scripting. To help create and manage your Windows PowerShell 
scripts, Microsoft provides the Windows PowerShell Integrated Scripting Environment 
(ISE). 

    Import-Module ActiveDirectory
    # Prompt for the credentials used to make the change
    $creds = Get-Credential
    # Add each account listed in users.txt to the Marketing group.
    # The cmdlet name is illegible in the screenshot; Add-ADGroupMember is
    # assumed from the parameters shown.
    Get-Content ".\users.txt" | % {
        Add-ADGroupMember -Credential $creds -Identity Marketing -Members $_
    }


Windows PowerShell ISE. (Screenshot used with permission from Microsoft.) 


LINUX SHELL SCRIPT 


In Linux, a shell script is the equivalent of a Windows batch file. A shell script is a file 
that contains a list of commands to be read and executed by the shell. Frequently used 
commands can be stored in a shell script for repeated use. Every shell script starts with 
a line that designates the interpreter. This line instructs the operating system to 
execute the script. Shell scripts allow you to perform various functions. These functions 
include automation of commands and tasks of system administration and 
troubleshooting, creation of simple applications, and manipulation of text or files. 


    #!/bin/bash
    echo "Good Morning $USER. Please fill in your timecard."


An example of a Linux shell script open in a text editor. 


VBScript 

VBScript is a scripting language based on Microsoft's Visual Basic programming 
language. VBScript is often used by network administrators to perform repetitive 
administrative tasks. With VBScript, you can run your scripts from either the command- 
line or from the Windows graphical interface. Scripts that you write must be run within 
a host environment. Windows 10 provides Internet Explorer, IIS, and Windows Script 
Host (WSH) for this purpose. 

    ' Display 10 random numbers between lownumber and highnumber,
    ' then report how many of them were greater than 25.
    highnumber = 50
    lownumber = 10
    count = 0
    Title = "Number count"
    for i = 1 to 10
        randomize
        displaynumber = int((highnumber - lownumber + 1) * rnd + lownumber)
        wscript.echo displaynumber
        if displaynumber > 25 then
            count = count + 1
        End If
    Next
    Msg = Cstr(Count) + " numbers are greater than 25"
    ' vbOKOnly shows a single OK button
    msgbox Msg, vbOKOnly, Title


Visual Basic Script in Windows 10. (Screenshot used with permission from Microsoft.) 


Note: You would now normally use PowerShell for Windows automation tasks. You might 
need to support legacy VBScripts, though. 


JavaScript 


JavaScript is a scripting language that is designed to create interactive web-based 
content and web apps. The scripts are executed automatically by placing the script in 
the HTML code for a web page, so that when the HTML code for the page loads, the 
script is run. 




An example of JavaScript code. 

PYTHON 


Python is a general-purpose programming language that can be used to develop many 
different kinds of applications. It is designed to be easy to read and program using 
much fewer lines of code when compared to other programming languages. The code 
runs in an interpreter. In Windows, a default interpreter called CPython is installed with 
the Python development tools supplied by the Python Software Foundation 
(python.org). Python is preinstalled on many Linux distributions. 


    __author__ = ''

    """This program counts the number of times each unique word appears in
    a text file. The results are output to the command line, and the user
    is given the option of printing the results to a new text file."""

    user_input = input("Please enter the path and name of the text File you want"
                       " to analyze. (E.g.: C:/Users/Monty/Desktop/file.txt):"
                       "\n")

    print(user_input)

    size_query = input("How big (in megabytes) is your input file? ")

    # The conversion call is not legible in the screenshot; float() is assumed.
    size_in_bytes = float(size_query) * 1000000

    response = "Your file size of " + size_query + " megabyte is equal to {} bytes."
    print(response.format(size_in_bytes))

    common_word = input("Would you like to strip common words from the results? (Y/N) ")

    print(common_word)

    user_output = input("\nWould you like to output these results to a file? (Y/N) ")

    print(user_output)

An example of Python code. 


BASIC SCRIPT CONSTRUCTS 


In order to write a script in a particular language, you must first understand the 
structure and syntax of the language. Most scripting languages share similarities in 
their structure and syntax, but it is important to use the specific syntax correctly as any 
errors will cause the code to not run. 


COMMENT SYNTAX 


It is important to use comments in code to assist with maintaining it. A comment line is 
ignored by the compiler or interpreter. A comment line is indicated by a special 
delimiter, such as double forward slash (//), hash (#), or apostrophe ('). The following 
table identifies the syntax used to add comments to various languages. 


Scripting Language     Comment Syntax
Windows batch file     Rem Comment text is added here
                       or
                       :: Comment text is added here
PowerShell script      # Comment text is added here
Bash shell script      # Comment text is added here
VBScript               'Comment text is added here
JavaScript             // Comment text is added here
Python                 # Comment text is added here
An identifier is used in a program to access a program element, such as a stored
value. For example, you might assign the identifier FirstName to a stored value that
contains a user's first name. In essence, an identifier is a label for something within
your program. If your identifier stores data, then it will be either a variable or a
constant.


Type

Variable
    A variable contains a value that can change during the execution of the
    program. This value might be a text string, a number, or any other data

    Variables are usually declared, defined as a particular data type, and
    given an initial value at the start of the routine in which they are used. It
    is often possible to use undeclared variables, but this can make code
    harder to read and more prone to errors.

    Using the example of a first name, it's important to understand that
    although a person's name might not change, if you use a programmatic
    technique to reference a user's name without knowing which user you're
    referring to, then, as far as the program is concerned, that is a variable.
    You can assign a value to a variable using fairly simple code. For
    example, the following pseudocode declares the FirstName variable to
    store a string value with an initial value Andy, then sets it to a value from
    a data store:

        declare FirstName as String = "Andy"
        FirstName = find LastLoggedOnUser and get Forename
        print FirstName

    Running this code might produce the following output:

Constants
    A constant is a specific identifier that contains a value that cannot be
    changed within the program. For example, you might want to reference
    the numerical value for the screen dimensions or resolution.


ENVIRONMENT VARIABLES 


An environment variable is a storage location in the environment of the operating 
system's command shell. For example, when you are entering directory paths as 
arguments in a script automating some task in Windows, you may not know exactly 
which locations were chosen for installation. The shell recognizes some system 
variables and substitutes the correct path when one of these is used. Some of the
common variables include: 

* %SystemDrive%—for example, "C:" 

* %SystemRoot%—for example, "C:\Windows" 

* %UserName%—for example, "George" 

* %HomeDrive%—for example, "C:" 

* %HomePath%—for example, "\Users\George" 


In Windows, you can view the full list of variables by using the set command (without 
switches) at the command prompt. set also lets you create and modify new variables. 
You can also view variables through the Advanced page of the System Properties 
dialog box by selecting the Environment Variables button. 
In Linux, you use the printenv or env commands to view and change environment
variables. However, in Linux, each shell can use additional variables, configured by
using the set command.


Note: If you need to use environment variables outside of a batch file or shell script, each 
language will have a different syntax for reading them. 
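
Reading environment variables from PowerShell, as an added example that is not part of the course files: the function expands %Name% tokens in a path and rejects the result if any token is left unexpanded, which is what happens when the variable is not defined. Resolve-EnvPath, the %LabShareRoot% variable and the sample paths are hypothetical.

```powershell
# Added example: expand %Name% tokens and fail if one is undefined.
# Resolve-EnvPath is a hypothetical helper name.
function Resolve-EnvPath {
    [CmdletBinding()]
    [OutputType([string])]
    param(
        [Parameter(Mandatory)]
        [string]$Path
    )

    # .NET expands every %Name% it knows and leaves unknown ones untouched.
    $expanded = [Environment]::ExpandEnvironmentVariables($Path)

    # A surviving %Name% token means the variable does not exist in this
    # environment. Using the path anyway would point at a literal folder
    # named "%Name%" instead of the intended location.
    if ($expanded -match '%[^%\\/:]+%') {
        throw "Undefined environment variable in path: $($Matches[0])"
    }
    return $expanded
}

# Direct reads use the Env: drive; a missing variable reads as $null.
"SystemRoot = $env:SystemRoot"
"UserName   = $env:UserName"

# Constructed sample paths: the first resolves on Windows, the second uses
# a variable name that is assumed not to be defined.
$samplePaths = '%SystemRoot%\System32\drivers\etc\hosts',
               '%LabShareRoot%\images\win10.iso'
foreach ($p in $samplePaths) {
    try   { "{0} -> {1}" -f $p, (Resolve-EnvPath -Path $p) }
    catch { "{0} -> {1}" -f $p, $_.Exception.Message }
}
```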


BRANCHES AND LOOPS 


A script contains one or more statements. In the normal scheme of execution, each 
statement is processed in turn from top to bottom. Scripts are used for tasks that are 
too complex to be completed as a simple series of statements, though. In this case, 
you can change the order in which statements are executed based on logical 
conditions evaluated within the script. There are two main types of conditional 
execution: branches and loops. 


BRANCHES 

A script runs from the start to the end unless you instruct it to deviate from this path. 
One way of doing so is to create a branch, which is an instruction to your computer to 
execute a different sequence of instructions. You use branches to control the flow 
within your program. 

For example, you might create a branch based on a condition; you might verify that a 
number has been entered correctly. If it has, then one thing happens, and if it has not, 
then something else happens. This is a conditional branch. 

For example, in the following pseudocode, the value of a variable called 
DisplayNumber is compared to 25. If DisplayNumber is greater than 25, then 
a variable called Count is incremented by 1. If DisplayNumber is less than 25, no 
action occurs and the variable Count remains the same. 


If DisplayNumber > 25 Then 
Count = Count+1 
End If 


LOOPS 
Loops are similar to branches inasmuch as they deviate from a linear sequence of
statements according to some sort of logic condition. However, with a loop, you 
instruct your computer to perform, or repeat, a task until a condition is met. For 
example, you might create a loop that continues until a certain amount of time has 
elapsed or until a counter reaches a certain level. Then, a predetermined action might 
occur, depending upon what you want. In the following example, the program loops 
around until the value of i is 5. Then the program proceeds to the next statement. 

For i = 1 to 5
    print i
Next

As well as "For" structures, loops can also be implemented by "While" statements:

Do While i <= 100
    i = i + 1
    print i
Loop

Note: Make sure your code does not contain unintended or infinite loops. Without the
statement to increment i in the Do loop example, the loop would continue forever. An
infinite loop will make the process hang.


OPERATORS 


Looping and branching structures depend on logical tests to determine whether to 
continue the loop or the branch to follow. A logical test is one that resolves to a TRUE 
or FALSE value. You need to be familiar with basic comparison operators: 


* ==—is equal to (returns TRUE if both conditions are the same).

* !=—is not equal to.

* <—less than.

* >—greater than.

* <= and >=—less than or equal to and greater than or equal to.


You might also want to test more than one condition at the same time. The logical 
operators are as follows: 


* AND—if both conditions are TRUE, then the whole statement is TRUE.

* OR—if either condition is TRUE, then the whole statement is TRUE.

* XOR—if either condition is TRUE but not both, then the whole statement is TRUE.


You can also use the negation operator NOT to reverse the truth value of any 
statement. 


BASIC DATA TYPES 


It is important to understand the different data types that a script can use. The CPU 
and storage devices in a computer only process data as ones and zeros. These 
hardware components have no conception of what the data mean. When it comes to 
writing scripts, though, data types are very important because they determine what 
sort of operations can be performed. For example, the characters "51" can be treated 
as a number value, in which case you can use the data in addition and subtraction, or 
they can be treated as a text string (representing a house number, for instance). If "51" 
is stored as a string, it must be converted before it can be used in a mathematical 
operation. 


There are different types of number values and a variety of text forms. These include: 


Data Type                 Description

Integers                  These are whole numbers. For example: 5, 21, or 65536. An
                          integer data type consumes 1 to 8 bytes of computer
                          storage.

Floating point numbers    This type can support decimal fractions such as 4.1, 26.4,
                          or 5.62. A floating point number (or just "float")
                          consumes between 4 and 8 bytes of storage. Note that the
                          floating point type could store a whole number too (4.0,
                          for instance).

Boolean values            These are a special numeric data type indicating that
                          something is either TRUE or FALSE (with a 1 or 0). They
                          consume a single bit of storage.

Characters                A character (or char) is a single textual character, and
                          can be a letter of the alphabet, a symbol, or, indeed, a
                          numerical character. For example: a, D, 7, $, @, #. These
                          consume one byte of storage. Note that when a number is
                          entered as a character data type, you cannot perform any
                          mathematical operations on it.

Strings                   A string is a collection of text characters. For example:
                          XYZ, Hello world. There is no real limit on the amount of
                          storage that can be used by a string. Generally, you
                          define the string length when you define the data type.


When single or double quotes can be used to delimit a string ("Hello World"), the 
quotes are NOT part of the string itself. If you want to represent a quote character (or 
other delimiter) within a string, you have to use an escape character. For example, the 
string "John said \'Hello World\' then left again." contains two single quotes, escaped 
using the backslash character (\). 


Note: Different languages have different escape characters, but the backslash is often the 
syntax used. 


Scripting Language        Escape Character

Windows batch file        %%

PowerShell                There are different escape characters for different
                          circumstances.
                          --%
                          \

Linux Bash shell script   \

VBScript                  To escape a single quote, enter two single quotes: ''
                          To escape a double quote, enter two double quotes: ""
                          Use the Escape(charString) function to encode a string so
                          that the string contains only ASCII characters. Any other
                          characters are replaced with %##, where ## is the
                          hexadecimal equivalent to the character.

JavaScript                \

Python                    \


Note: To learn more, check the Video tile on the CHOICE Course screen for any videos 
that supplement the content for this lesson. 
Activity 18-6


Discussing Scripting 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. What is the file extension for Python script files? 


2. Which batch or scripting language is represented here? 


3. What are the characteristics of a variable? 


4. What command can you use to define an environment variable? 


5. What type of script construct is "For ... Next" an example of? 


6. What is a string? 
Activity 18-7


Using Windows PowerShell 


BEFORE YOU BEGIN 
Complete this activity using Hyper-V Manager and your HOST PC. 


SCENARIO 


In this activity, you will customize a PowerShell script to help you better understand 
basic code constructs. 


1. Start the PowerShell ISE as an Administrator, use the help system, and set the 
execution policy to unrestricted. 
a) Click in the Instant Search box, type powershell and then right-click Windows 
PowerShell ISE in the search results and select Run as administrator. Confirm the 
UAC prompt by selecting Yes. 


In the Integrated Scripting Environment (ISE), you write your code in the top pane and
then use the prompt in the lower pane to run it or to execute ad hoc PowerShell
cmdlets.


PS C:\WINDOWS\system32> Get-Help 


TOPIC 
Windows PowerShell Help System 


SHORT DESCRIPTION 
Displays help about Windows PowerShell cmdlets and concepts. 


LONG DESCRIPTION 
Windows PowerShell Help describes Windows PowerShell cmdlets, 
functions, scripts, and modules, and explains concepts, including 
the elements of the Windows PowerShell language. 


Windows PowerShell does not include help files, but you can read the 
help topics online, or use the Update-Help cmdlet to download help files 
to your computer and then use the Get-Help cmdlet to display the help 
topics at the command line. 




Windows PowerShell ISE. (Screenshot used with permission from Microsoft.) 
b) At the prompt, type Get-Help and press Enter. If you are prompted to update
the help file, select Cancel. Read the help file.
c) Run this cmdlet: Get-ExecutionPolicy
The execution policy determines whether scripts need to be signed or not.
d) For this activity, if the result was anything other than Unrestricted, run this cmdlet:
Set-ExecutionPolicy Unrestricted

e) If you needed to run the cmdlet in the last sub-step, confirm the prompt by selecting
Yes to All.
As you can see, cmdlets are the basis of PowerShell. Each cmdlet is composed of a
verb-noun phrase and can take various optional parameters. 


2. Open the script C:\COMPTIA-LABS\LABFILES\VM1.ps1, and identify the code 
constructs. Once you understand how the script works and what it is going to do, 
run the script. 


a) On the Windows PowerShell ISE toolbar, select the Open Script button and browse to
select C:\COMPTIA-LABS\LABFILES\VM1.ps1. Select Open.


 1  #Create a Virtual Machine, add Windows setup disc, and start
 2  $vmname = 'VM'
 3  $path = 'C:\COMPTIA-LABS\TEMP\'
 4  $bootdisc = 'C:\COMPTIA-LABS\win10.iso'
 5
 6  #try{Get-VM -Name $vmname -ErrorAction Stop
 7  #    Stop-VM -VMName $vmname -Turnoff:$true -Confirm:$false
 8  #    Remove-VM -VMName $vmname -Force
 9  #    Remove-Item "$path$vmname" -Recurse -Force
10  #    }
11  #  catch{}
12  #  finally{
13  New-VM -Name $vmname -Path $path -Generation 2 -MemoryStartupBytes 512mb -NewVHDPath "$vmname.VHDX"
14  Add-VMDvdDrive -VMName $vmname
15  Set-VMDvdDrive -VMName $vmname -Path $bootdisc
16  Set-VMFirmware $vmname -FirstBootDevice ( Get-VMDvdDrive -VMName $vmname )
17  Get-VM $vmname | Start-VM
18  #}


Examining the first version of the VM script. (Screenshot used with permission from 
Microsoft.) 
b) Look at line 1 in the script.
This is a comment describing the function of the script. Such preceding comments
might also include the date of last revision, identify the responsible developer, explain
the use of any parameters the script takes, and so on.

c) Look at the other comment lines, noting the green highlighting.
These contain code, but this code will not execute while the lines are commented.

d) Look at lines 2 through 4.
These lines declare variables. Each variable name is preceded by $ (this is a
PowerShell convention) and is set to an initial value by using the equals sign (=). Each
variable is set to a string value, enclosed in single quotes. Note the color-coding for
the variables and the strings.

e) Look at lines 13 through 17.
These five statements contain the code that will execute. Various cmdlets are used to
create a new Hyper-V VM, assign the Windows setup ISO file to its emulated DVD
drive, and then start the VM.

f) In line 13, observe the way the parameters are set and the color coding for the
different values. Note the use of a variable plus a literal string to identify the path for
the virtual disk.
This parameter uses double quotes to allow the variable to be substituted during
execution.

g) At the prompt, run Get-Help New-VM to see all the parameters that could
have been used.

h) In line 16, observe that a parameter is set by using another cmdlet within
parentheses.

i) In line 17, observe that the result of the Get-VM cmdlet is piped to the Start-VM
cmdlet.

j) Select the Run Script button.


k) Open Hyper-V Manager and verify that VM is present and running.

l) Open a connection window for this new VM, press Ctrl+Alt+End, and then when you
see the prompt, press a key to boot from the setup disc.

If you needed to create a large number of VMs, using a script would save a lot of time
compared to completing the New VM wizard over and over.

m) Close the connection window, but leave the VM running.


3. Try to run the script again, and see if you can resolve the error. 


a) In the ISE window, select the Run button and observe the error messages.

One of the greatest challenges in developing effective scripts is to anticipate and
account for errors. There are two ways you could approach this one.

* You could change the value of the $vmname variable so that the script creates a
different VM.

* Or you can enable the Try code block to check whether a VM of that name exists
already.

You'll take the second approach for this activity.

b) For each line of code in 6 through 12 and 18, remove the # comment character from
the start of the line. As you uncomment each line, observe how the ISE highlights
errors in the structure of the code. When you uncomment the last line, the errors will
be resolved.

c) Save the file and then run it again.
d) Verify that the VM thumbnail in Hyper-V Manager is back to the boot sequence.
This is a new version of the VM.

The Try block is one example of branching code. It is specifically designed to catch
an error. In this script, if Get-VM cannot return a VM object with the name declared
by $vmname, the other statements within Try { ... } to stop the VM and
remove it are not executed. The statements within the Finally { ... }
block to create the new VM are executed in either case, however.


4. This script might be considered a little bit destructive if you ran it without 
understanding what it could do. What if you had spent hours installing Windows 
and third-party applications to VM and then another tech ran this script? Linux 
users might be quite happy with no opportunity to cancel, but Windows users are 
accustomed to having the chance to think about whether they really want to run a 
command. To accommodate this, you will add a prompt to the script. You will 
probably need to follow the guided steps and use the sample provided to 
accomplish this task. 
Close the vm1.ps1 script and open vm2.ps1.


 1  #Create a Virtual Machine, add Windows setup disc, and start
 2  $vmname = 'VM'
 3  $path = 'C:\COMPTIA-LABS\TEMP\'
 4  $bootdisc = 'C:\COMPTIA-LABS\win10.iso'
 5
 6  $prompt = [System.Windows.MessageBox]::Show('This script will create a new VM. Any prior VM created by this
 7  if ($prompt -eq "OK") {
 8    try{Get-VM -Name $vmname -ErrorAction Stop
 9      Stop-VM -VMName $vmname -Turnoff:$true -Confirm:$false
10      Remove-VM -VMName $vmname -Force
11      Remove-Item "$path$vmname" -Recurse -Force
12      }
13    catch{}
14    finally{
15      New-VM -Name $vmname -Path $path -Generation 2 -MemoryStartupBytes 512mb -NewVHDPath "$vmname.VH
16      Add-VMDvdDrive -VMName $vmname
17      Set-VMDvdDrive -VMName $vmname -Path $bootdisc
18      Set-VMFirmware $vmname -FirstBootDevice ( Get-VMDvdDrive -VMName $vmname )
19      Get-VM $vmname | Start-VM
20      }
21  }


Examining the second version of the VM script. (Screenshot used with permission from 
Microsoft.) 


Position the cursor in line 6, and select the Run Selection button.

Select OK at the prompt.

Running portions of your code is a useful way to check that what you have added
works.

Look at the code in line 6.

It defines a variable that gets its value from a system-generated prompt dialog box.
The parameters control the text in the dialog box, the type of buttons, the icon used,
and so on.

In the lower prompt window, run write $prompt

The value is set to OK. The value of the variable persists even though you only ran a
portion of the code. Its value will stay the same in this PowerShell session, unless it is
changed again by some code.

Look at line 7.

This version of the script wraps the previous code within an If block. The earlier
code will run only if the user selects OK at the prompt.

Observe the -eq operator used to test the condition.

Most languages would use == as the operator for "is equal to," but PowerShell uses
its own system of operators. Note also the parentheses used to enclose the condition.
While many of the code constructs are similar between languages, each language has
its own syntax. To develop code, you need to understand both the general use of
code constructs and the syntax of particular languages.

Look at line 21.

This bracket closes the If block. When you start nesting control structures, it
becomes very, very easy to make mistakes in the code syntax. Using different indents
for these blocks can help you to keep track of the code structure.

Use the Arrow keys to move the cursor between the curly brackets in lines 20 and 21.
Observe how the matching bracket is highlighted in the earlier code (line 21 matches
with line 7, while line 20 matches with line 14).

Run the whole script again to test it. At the prompt, select Cancel. 

Run the script again, selecting OK at the prompt. 
5. Now, what if you want to create more than one VM? Can you suggest what sort of
control structure you could add to the script to accomplish that? View the
vm3.ps1 script for a solution.

a) Close the vm2.ps1 script and open vm3.ps1.


 1  #Prompt user for number of Virtual Machines to create (up to 5), add Windows setup disc, and start
 2  $vmname = 'VM'
 3  $path = 'C:\COMPTIA-LABS\TEMP\'
 4  $bootdisc = 'C:\COMPTIA-LABS\win10.iso'
 5
 6  [System.Reflection.Assembly]::LoadWithPartialName('Microsoft.VisualBasic') | Out-Null
 7  [int]$prompt = [Microsoft.VisualBasic.Interaction]::InputBox('This script will create and start between 1 an
 8  if ($prompt -le 5) {
 9    for ($i=1;$i -le $prompt;$i++) {
10      try{Get-VM -Name "$vmname$i" -ErrorAction Stop
11        Stop-VM -VMName "$vmname$i" -Turnoff:$true -Confirm:$false
12        Remove-VM -VMName "$vmname$i" -Force
13        Remove-Item ($path + "$vmname$i") -Recurse -Force
14        }
15      catch{}
16      finally{
17        New-VM -Name "$vmname$i" -Path $path -Generation 2 -MemoryStartupBytes 512mb -NewVHDPath "$v
18        Add-VMDvdDrive -VMName "$vmname$i"
19        Set-VMDvdDrive -VMName "$vmname$i" -Path $bootdisc
20        Set-VMFirmware "$vmname$i" -FirstBootDevice ( Get-VMDvdDrive -VMName "$vmname$i" )
21        Start-VM "$vmname$i"
22        }
23    }
24  }


Examining the third version of the VM script. (Screenshot used with permission from 
Microsoft.) 
b) In lines 6 and 7, observe that a different method is used to open a dialog box.
This script uses a form with a control that can capture input. The script leverages a
built-in Visual Basic form to do this.

c) Look at line 7. Can you see the difference in the way the variable is declared,
compared to the previous version of the script?
PowerShell demonstrates more flexibility than most programming languages when it
comes to variable data types. The execution engine will try to dynamically change (or
cast) a variable to fit the use to which it is being put. This can lead to unexpected
results, however. If the script uses a variable in a way that depends on a certain data
type, it is much better to explicitly declare the variable as that type. In PowerShell, you
can set the type explicitly by using square brackets and the type, such as [Int] or
[String].

d) In line 8, observe that the If block is now testing an integer, rather than a string.
The -le operator means "less than or equal to."

e) In line 9, observe the use of a For block to create a looping structure within the
code.
The variable $i is used to count the number of iterations, starting at 1. The use of
$i++ within the condition causes the value of $i to increase by 1 for each iteration
of the loop. When $i exceeds the value of $prompt, the loop exits.

f) Observe the use of $i in the cmdlet parameters to change the name used for each
VM.

g) Run the script a few times, entering different values to test that it works reliably. Note
that there is a limit to the number of VMs that you can create.
Each VM uses memory. If the user were to enter 100 and the script were to try to run
the loop that number of times, the HOST computer would be quickly overloaded.
When you are developing scripts, try to anticipate what could go wrong, as well as
what you want to achieve.


6. To finalize this activity, you need to delete the VMs you created.

a) Close the PowerShell ISE window.
b) In Hyper-V Manager, Shift-click to select all the "VM" VMs. Right-click the selection
and select Turn Off. In the confirmation dialog box, select Turn Off.
c) Right-click the selection and select Delete. In the confirmation dialog box, select
Delete.
d) Open File Explorer and delete the contents of the C:\COMPTIA-LABS\TEMP folder.
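
The input check that vm3.ps1 depends on, and the string-versus-number point from the data types section, as an added example that is not one of the lab's scripts: it compares a bare [int] cast with strict parsing plus a lower and upper bound. ConvertTo-VmCount, Get-VmNameList and the sample answers are hypothetical, and no Hyper-V cmdlets are called.

```powershell
# Added example: strict validation of a "how many VMs?" answer.
# ConvertTo-VmCount and Get-VmNameList are hypothetical helper names.
function ConvertTo-VmCount {
    [CmdletBinding()]
    [OutputType([int])]
    param(
        # Raw text exactly as returned by an input dialog or Read-Host.
        [Parameter(Mandatory)]
        [AllowEmptyString()]
        [string]$RawInput,

        [int]$Minimum = 1,
        [int]$Maximum = 5
    )

    $parsed = 0
    # TryParse with NumberStyles.Integer accepts only an optional sign and
    # digits (plus surrounding white space). A plain [int] cast is looser:
    # it turns an empty answer into 0 and rounds "3.7" to 4.
    $ok = [int]::TryParse(
        $RawInput,
        [System.Globalization.NumberStyles]::Integer,
        [System.Globalization.CultureInfo]::InvariantCulture,
        [ref]$parsed)

    if (-not $ok) {
        throw "Rejected '$RawInput': not a whole number."
    }
    if ($parsed -lt $Minimum -or $parsed -gt $Maximum) {
        throw "Rejected '$RawInput': must be between $Minimum and $Maximum."
    }
    return $parsed
}

function Get-VmNameList {
    param(
        [string]$BaseName = 'VM',
        [Parameter(Mandatory)]
        [int]$Count
    )
    for ($i = 1; $i -le $Count; $i++) {
        "$BaseName$i"   # same naming scheme as "$vmname$i" in the lab script
    }
}

# Constructed sample answers, including ones a bare cast lets through.
$samples = '3', ' 2 ', '', '3.7', '100', '-1', 'abc'
foreach ($answer in $samples) {
    # What a bare cast does with the same text.
    $cast = try { [int]$answer } catch { 'cast error' }

    # What the strict check decides.
    $strict = try {
        $count = ConvertTo-VmCount -RawInput $answer
        'create ' + ((Get-VmNameList -Count $count) -join ', ')
    }
    catch { $_.Exception.Message }

    [pscustomobject]@{
        Input    = "'$answer'"
        BareCast = $cast
        Strict   = $strict
    }
}
```

The output table shows that only '3' and ' 2 ' produce a list of VM names; every other answer is rejected before any name is built.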
Topic F


Professionalism and Communication 


EXAM OBJECTIVES COVERED 
1002-4.7 Given a scenario, use proper communication techniques and professionalism.


On almost every service call, you will need to interact with users who are experiencing 
problems. In this topic, you will identify best practices for PC technicians to use to 
communicate appropriately with clients and colleagues and to conduct business in a 
professional manner. 


You are a representative of your profession, as well as your company. Working with 
customers is a fundamental job duty for every A+ technician. How you conduct 
yourself will have a direct and significant impact on the satisfaction of your customers, 
and your level of professionalism and communication skills can directly affect whether 
or not you will do business with them again. 


CUSTOMER SERVICE ATTITUDE 


A service technician should not only understand technical issues but must also be a 
good communicator. It is easy to pick up facts and information but it can be much 
harder to use this information in a troubleshooting scenario requiring customer 
interaction, whether face-to-face or over the telephone. 

Learning how to deal with customers, interpret the information they give you, and 
respond to their queries can be difficult but logical problem diagnosis and successful 
techniques for working with customers go hand-in-hand. A person with poor customer 
contact ability is not likely to impress as a professional customer service technician, 
even if he or she is competent at technical problem solving. 

Remember that "customer" need not refer to someone who buys something; it can 
include any users or clients of a support service. 


Three golden rules can be applied to good customer service: 

* Be positive—project confidence, be in control, and drive the issue towards 
resolution. 

* Be clear, concise, and direct.

* Be consistent, fair, and respectful. 


COMMUNICATION SKILLS 


There are many things that contribute to the art of communication: the words you use, 
listening effectively, and giving feedback are particularly important. 


USING PROPER LANGUAGE 

When you greet someone, you should be conscious of making a good first impression. 
When you arrive onsite, make eye contact, introduce yourself and your company, and 
shake hands. When you answer the phone, introduce yourself and your department 
and offer assistance. 


When you speak to a customer, you need to make sense. Obviously, you must be 
factually accurate, but it is equally important that the customer understands what you 
are saying. Not only does this show the customer that you are competent, but it also
proves that you are in control of the situation and gives the customer confidence in 
your abilities. You need to use clear and concise statements that avoid jargon, 
abbreviations, acronyms, and other technical language that a user might not 
understand. For example, compare the following scenarios: 


Scenario 1: "Looking at the TFT, can you tell me whether the driver is signed?"

Scenario 2: "Is a green check mark displayed on the icon?"


The first question depends on the user understanding what a TFT is, what a signed 
driver might be, and knowing that a green check mark indicates one. The second 
question gives you the same information without having to rely on the user's 
understanding. 


While you do not have to speak very formally, avoid being over-familiar with 
customers. Try not to use very informal language (slang) and do not use any language 
that may cause any sort of offense. For example, you should greet a customer by 
saying "Hello" or "Good morning," rather than "Whassup?" or "Hey!" 


LISTENING AND QUESTIONING 

You must listen carefully to what is being said to you; it will give you clues to the 
customer's technical level, enabling you to pace and adapt your replies accordingly. 
Active listening is the skill of listening to an individual so that you give them your full 
attention and are not trying to argue with, comment on, or misinterpret what they 
have said. 


With active listening, you make a conscious effort to keep your attention focused on 
what the other person is saying, as opposed to being distracted by thinking what your 
reply is going to be or by some background noise or interruption. Some of the other 
techniques of active listening are to reflect phrases used by the other person or to 
restate the issue and summarize what they have said. This helps to reassure the other 
person that you have attended to what they have to say. You should also try to take 
notes of what the customer says so that you have an accurate record. 




Listening carefully will help you to get the most information from what a customer tells you. (Image by 
goodluz © 123RF.com.) 


It is important to understand that you must not interrupt customers when they are 
speaking. Also, do not ignore what they have said. If you are rude in this sort of way, 
the customer will form a poor opinion of you and may become less willing to help with
troubleshooting. 


There will inevitably be a need to establish some technical facts with the customer. 
This means questioning (or probing) the customer for information. There are two 
broad types of questioning: 


* Open—a question that invites the other person to compose a response, such as 
"What seems to be the problem?" 

* Closed—a question that can only be answered with a "Yes" or "No" or that requires 
some other fixed response ("What error number is displayed on the panel?" for 
instance). 


The basic technique is to start with open questions. You may try to guide the customer
towards what information will be most helpful. For example, "When you say your 
printer is not working, what problem are you having—will it not switch on?" However, 
be careful about assuming what the problem is and leading the customer to simply 
affirming a guess. As the customer explains what they know, you may be able to 
perceive what the problem is. If so, do not assume anything too early. Ask pertinent 
closed questions that prove or disprove your perception. The customer may give you 
information that is vague or ambiguous. Clarify what they mean by asking questions 
like "What did the error message say?," or "When you say the printout is dark, is there 
a faint image or is it completely black?," or "Is the power LED on the printer lit?" If a 
customer is not getting to the point or if you want to follow some specific steps, take 
charge of the conversation at the earliest opportunity by asking closed questions. For 
example, compare the following scenarios: 


Scenario 1

"It's been like this for ages now, and I've tried pressing a key and moving the
mouse, but nothing happens."

"What does the screen look like?"

"It's dark. I thought the computer was just resting and I know in that circumstance I
need to press a key, but that's not working and I really need to get on with..."

Scenario 2

"It's been like this for ages now, and I've tried pressing a key and moving the
mouse, but nothing happens."

"OK, pressing a key should work normally, but as it isn't I'd like to investigate
something else first. Can you tell me whether the light on the monitor is green?"

"No, there's a yellow light though."


In the first example, the technician asks an open question, which just lets the user 
focus on what they perceive as the problem, but which isn't producing any valuable 
troubleshooting information. Using a closed question, as in the second example, allows 
the technician to start working through a series of symptoms to try to diagnose the 
problem. 


Do note that a long sequence of closed questions fired off rapidly may overwhelm and 
confuse a customer. Do not try to force the pace. Establish the customer's technical 
level and target the conversation accordingly. A customer with little technical 
knowledge will be confused by technical information; conversely, a knowledgeable 
customer may know exactly what the problem is and will not appreciate being treated 
like a novice. On the other hand, don't assume that the customer has diagnosed the 
problem correctly. Sometimes a little knowledge is worse than no knowledge at all. 


GIVING FEEDBACK 

When you give the customer instructions—for example, if you want them to try to 
complete a series of troubleshooting steps—be clear and concise. This is where having 
a good "mental map" of the sequence of steps to any particular configuration option 
demonstrates its value. Always confirm that the customer has taken the correct step. 
Also, you must be patient; remember that the customer probably has little idea of what
they are doing and will proceed quite slowly. 


Firing question after question at a customer can be off-putting, especially if the 
customer does not understand what he or she is being asked to do or check. 


Technical support depends on good customer relationships. A good understanding 
between you and a customer also makes troubleshooting that much easier. This sort 
of understanding is often referred to as rapport. 


React to what you learn about the customer's technical ability, and develop the 
conversation in a positive manner to help resolve the issue. Try and form a partnership 
with the customer. Avoid using the pronoun "you," as it can imply blame and push the 
customer away from you. Consider the following: 


Scenario 1: "Have you checked that the printer is turned on?"

Scenario 2: "Let's make sure the printer's turned on."


The first statement implies blame and signals that you are not prepared to accept 
responsibility for troubleshooting the problem. The second emphasizes you are willing 
to share responsibility for solving the problem and provide assistance at every step. 


PROFESSIONALISM 


Professionalism means taking pride in one's work and in treating people fairly.
Several techniques and procedures can be used to develop an effective support
service. You should understand these and the personal qualities that you should
develop.


PROPER DOCUMENTATION 


One of the key points of providing an effective support service is making it easy for 
customers to contact it. Most support takes place either over the telephone or through 
an email/web contact form. More advanced options include text messaging and 
Remote Assistance-style desktop sharing. 


Whatever the method used, the contact information and hours of operation should be 
well advertised, so that the customer knows what to do. The service should have 
proper documentation, so that the customer knows what to expect in terms of items 
that are supported, how long incidents may take to resolve, when they can expect an 
item to be replaced instead of repaired, and so on. 


PROBLEM MANAGEMENT 


Problem management means tracking and auditing support requests. Whatever the 
tools and resources used to implement problem management, the basic process of 
receiving a support request, resolving the problem, and verifying the solution remains 
much the same. 


On receiving the request (whether it is a call, email, or face-to-face contact), 
acknowledge the request and set expectations. For example, repeat the request back 
to the customer, then state the next steps, such as "I have assigned this problem to 
David Martin. If you don't hear from us by 3pm, please call me." The customer may 
have a complaint, a problem with some equipment, or simply a request for 
information. It is important to clarify the nature of these factors: 


* The customer's expectations of what will be done and when to fix the problem. 
* The customer's concerns about cost or the impact on business processes. 
* Your constraints—time, parts, costs, contractual obligations, and so on. 

It is important not to allow the customer to form unrealistic expectations of how long
the problem will take to solve. On the other hand, you should focus your attention on
resolving the customer's concerns (if they are valid). Consider this exchange for
example:

Customer: "I have to get a job application printed today—you must send a technician
around immediately."

A+ Technician: "Do you have another print device that you could use?"

Customer: "No, I only have one printer and it's not working."

A+ Technician: "Do you have email? You should be able to send the job application to
a copy shop and they'll print it for you for a small fee."

Customer: "Yes, but I'm sure I don't know about any stores like that."

A+ Technician: "There's actually a location a short distance from your house. If you
have a pen and paper ready, I can give you the details and arrange an appointment
for a technician to come and inspect your printer..."


The course of action that you agree on must be realistic and achievable. 


Acknowledge the request and set expectations. (Image by goodluz © 123RF.com.) 


Each request must be logged as an incident or ticket so that progress on resolving it 
can be documented. Most support departments use a Call Management or Problem 
Management System for this. 


As with any communications, job tickets should be completed professionally, with due 
regard for spelling, grammar, and clarity. Remember that other people may need to 
take action using just the information in the ticket and that analysis of tickets will take 
place as part of quality assurance procedures. It is also possible that tickets will be 
forwarded to customers as a record of the jobs performed. 

If possible, the request should be resolved in one call. If this is not possible, the call
should be dealt with as quickly as possible, and escalated to a senior support team if a
solution cannot be found promptly. What is important is that you drive problem
acceptance and resolution, either by working on a solution yourself or ensuring that
the problem is accepted by the assigned person or department.




Creating a ticket in the Spiceworks IT Support management tool. (Screenshot courtesy of 
spiceworks.com.) 


If a problem cannot be resolved within the course of a single call, it is imperative to 
manage the customer's expectations of when the problem will be resolved. Customers 
should not feel the need to call you to find out what's happening. This is irritating for 
them to do and means time is wasted dealing with an unnecessary call. 


If you have resolved the problem, and tested that the system is operating normally again,
you should give the customer a general indication of what caused the problem and 
what you did to fix it plus assurance that the problem is now fixed and unlikely to 
reoccur. On leaving or on ending the call, thank the customer for their time and 
assistance and show that you have appreciated the chance to help them. 


When the solution has been tested and verified and the customer has expressed 
satisfaction with the resolution of the problem, log the problem as closed. Record the 
solution and send verification to the customer via email or phone call. 

PRIORITIZING WORK


Time is an invaluable factor in the service industry because workload usually 
outweighs staff resources. Time management practices impact the level of service you 
are able to provide to your customers. 


Anybody who requests support will hope that their problem can be resolved 
immediately. However, this is not always possible for a number of reasons, and the 
customer's idea of an acceptable response time may vary greatly from your own. A 
formal call management system will usually allow a priority code to be assigned to a 
call. Open tickets can be monitored and re-prioritized to ensure that they do not fail to 
meet the agreed on service and performance levels. 


PUNCTUALITY AND ACCOUNTABILITY 


If a customer expects a visit—or call or email—from a service technician at a certain 
time, it is reasonable to assume that the technician will respond as promised. If it 
becomes obvious that the technician is not going to be on time, then the customer 
should be informed as soon as possible. A customer may make special arrangements 
to be with the technician at the allotted time and changes can be very annoying. 


Be accountable for your actions, both before you arrive on site and while on site. This 
usually means being honest and direct about issues, but make sure this is done in a 
positive manner. For example:


* "I'm sorry I'm late—show me this faulty PC and I'll start work right away."

* "The printer needs a new fuser—and I'm afraid that I don't have this type with me.
What I will do is call the office and find out how quickly we can get one..."

* "I've not seen this problem before, but I have taken some notes and I'll check this
out as soon as I get back to the office. I'll give you a call this afternoon—will that be
OK?"


FLEXIBILITY AND COMPROMISE 


As a service technician, you want to ensure your customer receives the best possible 
attention at all times but, unfortunately, saying no is sometimes inevitable: 


* The customer may ask that you do something beyond your control or perhaps 
beyond the terms of the service contract. 

* The customer may ask you to confirm a fact or detail beyond your control. 

* The customer may demand a replacement when a repair option is the only one 
merited by your company's procedures. 


Consider the following examples; which approach is better? 


Customer: "My printer is broken again—I want a replacement."

A+ Technician:

1: "I'm sorry, we can't do that..."

2: "I can arrange for a technician to be with you first thing tomorrow, and I'll
mention to my supervisor that this is the second time this has occurred."


Customer: "Can you guarantee that the technician will be with me before 3 pm?"

A+ Technician:

1: "Sorry, I can't guarantee a specific time."

2: "I'll ask the technician to try and visit before 3 pm if possible, and I'll call you
around 2 pm if it looks like the technician will be later than that—is this OK?"


Note: The key to saying "no" in a positive way is to offer an alternative.


RESPECT 


Respect means that you treat others (and their property) as you would like to be 
treated. Respect is one of the hallmarks of professionalism. At a bare minimum, 
respect means not being rude or offensive. Some of the other elements are listed 
below. 


* Avoid Distractions. Do not allow interruptions when you are working at a
customer's site. Do not take calls from colleagues unless they are work related,
urgent, and important. Do not take personal calls or respond to texts or posts on
social media.

If you are speaking with a customer on the telephone, always ask their permission
before putting them on hold or transferring their call.

* Respect for Property and Confidentiality.

    * Do not treat customers' property carelessly. Do not use equipment or services
    such as PCs, printers, web access, or phones without permission and never for
    personal use.

    * If you are visiting someone's home or office do not help yourself to food or
    drink, ask before using the bathroom, and do not attempt to snoop around
    other areas. Do not be tempted to snoop around data files on someone else's PC
    either!

    * If you find printed copies of confidential materials while performing some
    support task (bank statements or personal letters for instance), do not look at
    them, make the customer aware of them, and allow time for them to be put
    away.

    * If you are making a site visit, keep the area in which you are working clean and
    tidy and leave it as you found it.

* Cultural Sensitivity.

    * Cultural sensitivity means being aware of customs and habits used by other
    people. It is easy to associate culture simply with national elements, such as the
    difference between the way Americans and Japanese greet one another. Within
    each nation, there are many different cultures, however, created by things such
    as social class, business opportunities, leisure pursuits, and so on. For example,
    a person may expect to be addressed using a professional title, such as a doctor
    or a judge; other people may be more comfortable speaking on a first name
    basis. It is safer to start on a formal basis and use more informal language if the
    customer signals that they are happier speaking that way.

    * You need to realize that though a person may be influenced by several cultures,
    their behavior is not determined by culture. Customer service and support
    requires consideration for other people. You cannot show this if you make
    assumptions about their cultural background without treating them as an
    individual (stereotyping).

    * Accent, dialect, and language are some of the crucial elements of cultural
    sensitivity. These can make it hard for you to understand a customer and
    perhaps difficult for a customer to understand you. When dealing with a
    language barrier, use questions, summaries, and restatements to clarify
    customer statements. Consider using visual aids or demonstrations rather than
    trying to explain something in words.

    * Also, different cultures define personal space differently, so be aware of how
    close or far you are from the customer.

CUSTOMER COMPLAINTS


All customer complaints, whether they are valid or not, should be treated with equal 
seriousness. 


MAINTAIN A POSITIVE ATTITUDE 

Understand that an angry customer is usually frustrated that things are not working 
properly or feels let down (perhaps the technician arrived late). Empathizing with the 
customer is a good way of developing a positive relationship towards resolving their 
problem. Saying you are sorry does not necessarily mean you agree with what the 
customer is saying, just that you can understand their point of view. 


"I'm sorry you're having a problem with your new PC. Let's see what we can do to sort 
things out..." 


Arguing with the customer, denying that a problem exists, or being judgmental 
(assuming that the problem is of the customer's making because they do not 
understand the system properly) will only tend to lower the customer's impression of 
the service you offer. Do not try to dismiss a problem out of hand or minimize its 
importance. If the customer has taken it to the point of complaining, then clearly they 
feel that it is important; whether you consider the matter trivial is not the issue. 


Listen while the customer explains the problem and let them know that you are 
listening. On the phone, use confirmatory phrases such as "Yes," "I see," and "Uh-huh" 
from time to time to make sure the customer knows you are paying attention. Do not 
just repeat the same phrase every few seconds—the customer may think you are 
mocking them. 


If you are face-to-face with the customer, maintain eye contact and nod your head 
frequently but watch your body language. Do not fold your arms as this puts up a 
barrier. 


BE ACCURATE AND HONEST 

A common problem when dealing with customer complaints is feeling that you have to 
defend every action of your company or department. If the customer makes a true 
statement about your levels of service (or that of other employees), do not try and 
think of a clever excuse or mitigating circumstance for the failing; you will sound as 
though you do not care. 


If you have let a customer down, it is probably best to empathize while including some
positive actions:


"You're right—I'm sorry the technician didn't turn up. I guarantee that a technician will
be with you by 3pm and I'll let my supervisor know that you have had to call us. Shall I
call you back just after 3 to make sure that things are OK?"


On the other hand, if the customer is incorrect in their understanding of the situation,
empathy and correction is in order:


"I'm sorry the replacement disk hasn't arrived, but I know it was put in the mail. Would
you be happy to wait to see whether it arrives tomorrow or should I mail another one
to you?"

If the customer had a valid cause to complain about levels of service or any aspect of 
your company's operation, resolve the problem and then investigate what can be done 
to ensure this type of problem never occurs again. 


DEALING WITH A DIFFICULT CUSTOMER 


It is never easy to talk to someone who is being unreasonable, abusive, or shouting 
down the telephone but it is important to be able to deal with these situations 
professionally. 

1. Identify signs that a customer is becoming angry early (for example, raised voice,
speaking too quickly, interrupting, and so on). Try to calm the situation down by 
using a low voice, soothing language, and focusing on positive actions. 

2. Do not take complaints personally—provided that you haven't deliberately caused 
the problem about which the customer is complaining, they are using you as a 
representative of your organization and any anger expressed in your direction is 
not personal but a symptom of their frustration. 

3. Listen and let the customer explain the problem—draw out the facts and use 
them as a positive action plan to drive the conversation forward. 

4. Hang up—if a customer is persistently abusive or threatening, issue a caution, 
then warn them about their behavior, then end the call or contact if they do not 
act reasonably. 


Let the customer vent. (Image by Wang Tom © 123RF.com.) 


BE PROFESSIONAL 


Everyone has bad days when they feel the need to get some difficult situation off their 
chest. Perhaps a customer has been particularly obtuse or foolish or perhaps someone 
has treated you unpleasantly. Find a colleague for a private face-to-face chat but under 
no circumstances should you ever disclose these types of experiences via social media 
outlets. Remember that anything posted to social media is very hard to withdraw and 
can cause unpredictable reactions. Tweeting some mistake made by someone you 
have supported is a sure way to get yourself and your company in trouble. 


GUIDELINES FOR COMMUNICATING WITH CUSTOMERS 


Here are some guidelines to follow to help you communicate effectively with your 
customers. 


INTERACT WITH CUSTOMERS 


Consider these guidelines when interacting with customers: 


* Use proper language and avoid jargon, acronyms, and slang whenever possible.
* Maintain a positive attitude and project confidence.
* Actively listen, take notes, and avoid interrupting the customer.
* Be culturally sensitive.
* Use appropriate professional titles, when applicable.
* Be on time, and if you will be late, be sure to contact the customer.
* Avoid distractions, including:
    * Personal calls
    * Texting
    * Accessing social media sites
    * Talking to coworkers while interacting with customers
    * Personal interruptions
* When dealing with difficult customers or situations:
    * Do not argue with customers or be defensive.
    * Avoid dismissing customer problems.
    * Avoid being judgmental.
    * Clarify customer statements by asking open-ended questions to narrow the
    scope of the problem, restating the issue, or asking questions to verify
    understanding.
    * Do not disclose experiences via social media outlets.
* Set and meet expectations, adhere to the prescribed timeline, and communicate
status with the customer.
* If necessary, offer different repair or replacement options.
* Provide proper documentation on the services provided.
* Follow up with customers and users at a later date to verify satisfaction.
* Deal appropriately with customers' confidential and private materials. This includes
items located on a computer, desktop, printer, and in their workspace.

Activity 18-8


Discussing Customer Service and 
Communication Skills 


SCENARIO 


Answer the following questions to check your understanding of the topic. 


1. How would you cope with a user who is struggling to explain the problem 
that they are experiencing? 


2. You have received an off-site service call to service a network printer at a 
customer location. When you arrive, the user is at the printer and starts talking 
about how the printer is not working properly, and he cannot get his reports 
handed in on time. 


How should you approach this user? 


3. How would you deal with a customer who is becoming abusive because you 
have taken three separate calls to deal with their problem? 


4. You are trying to troubleshoot a problem over the phone and need to get advice 
from your manager. 


How should you handle this with the customer? 


5. You are troubleshooting a print problem, which turned out to be caused by user 
error. The user is not confident that the problem is solved and wants more 
reassurance. You have already explained what the user was doing wrong in some 
detail. 


What should you do? 

6. A user known to your department as a "frequent flyer" with regard to support
requests calls in with a genuine but non-urgent problem. You are in the middle of 
another important job that is urgent. 


What would be the best approach? 


7. What should you be wary of if a customer phones in with a problem you 
think you have solved already? 


8. You are working on the training documentation for new A+ technicians in the 
organization. 


What should you include for dealing with difficult customers or situations? 

Summary


In this lesson, you implemented operational procedures, including dealing with 
environmental impacts and controls, documentation, change management, disaster 
prevention and recovery, scripting, and communication skills. With the proper tools, 
awareness of safety and environmental issues, basic communication skills, and a solid 
method to use when troubleshooting, you are prepared to do your job in a safe, 
effective, and professional manner. 


Which of the best practices discussed in this lesson apply in your workplace? 


How do you think the scripting concepts discussed in this lesson will help you at 
your workplace? 


Practice Question: Additional practice questions are available on the CompTIA CHOICE 
platform within the Assessments tile. 

Mapping Course Content to CompTIA® A+® Core 1 (Exam 220-1001)


Achieving CompTIA A+ certification requires candidates to pass exams 220-1001 and 
220-1002. This table describes where the exam objectives for Core 1 (Exam 220-1001) 
are covered in this course. 


Domain and Objective Covered in

Domain 1.0 Mobile Devices

1.1 Given a scenario, install and configure laptop hardware
and components.

* Hardware/device replacement Topic 15B
* Keyboard Topic 15B
* Hard drive Topic 15B
* SSD vs. hybrid vs. magnetic disk Topic 15B
* 1.8in vs. 2.5in Topic 15B
* Memory Topic 15B
* Smart card reader Topic 15B
* Optical drive Topic 15B
* Wireless card/Bluetooth module Topic 15B
* Cellular card Topic 15B
* Video card Topic 15B
* Mini PCIe Topic 15B
* Screen Topic 15B
* DC jack Topic 15B
* Battery Topic 15B
* Touchpad Topic 15B
* Plastics/frames Topic 15B
* Speaker Topic 15B
* System board Topic 15B
* CPU Topic 15B

1.2 Given a scenario, install components within the display
of a laptop.

* Types Topic 15B
* LCD Topic 15B
* OLED Topic 15B
* Wi-Fi antenna connector/placement Topic 15B
* Webcam Topic 15B
* Microphone Topic 15B
* Inverter Topic 15B
* Digitizer/touchscreen Topic 15B

1.3 Given a scenario, use appropriate laptop features.

* Special function keys Topic 15A
* Dual displays Topic 15A
* Wireless (on/off) Topic 15A
* Cellular (on/off) Topic 15A
* Volume settings Topic 15A
* Screen brightness Topic 15A
* Bluetooth (on/off) Topic 15A
* Keyboard backlight Topic 15A
* Touchpad (on/off) Topic 15A
* Screen orientation Topic 15A
* Media options (fast forward/rewind) Topic 15A
* GPS (on/off) Topic 15A
* Airplane mode Topic 15A
* Docking station Topic 15A
* Port replicator Topic 15A
* Physical laptop lock and cable lock Topic 15A
* Rotating/removable screens Topic 15A

1.4 Compare and contrast characteristics of various types
of other mobile devices.

* Tablets Topic 16A
* Smartphones Topic 16A
* Wearable technology devices Topic 16A
* Smart watches Topic 16A
* Fitness monitors Topic 16A
* VR/AR headsets Topic 16A
* E-readers Topic 16A
* GPS Topic 16A

1.5 Given a scenario, connect and configure accessories and
ports of other mobile devices.

* Connection types Topic 16B
* Wired Topic 16B
* Micro-USB/Mini-USB/USB-C Topic 16B
* Lightning Topic 16B
* Tethering Topic 16B
* Proprietary vendor-specific ports (communication/power) Topic 16B
* Wireless Topic 16B
* NFC Topic 16B
* Bluetooth Topic 16B
* IR Topic 16B
* Hotspot Topic 16B
* Accessories Topic 16B
* Headsets Topic 16B
* Speakers Topic 16B
* Game pads Topic 16B
* Extra battery packs/battery chargers Topic 16B
* Protective covers/waterproofing Topic 16B
* Credit card readers Topic 16B
* Memory/MicroSD Topic 16B

1.6 Given a scenario, configure basic mobile device network
connectivity and application support.

* Wireless/cellular data network (enable/disable) Topic 16C
* Hotspot Topic 16C
* Tethering Topic 16C
* Airplane mode Topic 16C
* Bluetooth Topic 16C
* Enable Bluetooth Topic 16C
* Enable pairing Topic 16C
* Find a device for pairing Topic 16C
* Enter the appropriate pin code Topic 16C
* Test connectivity Topic 16C
* Corporate and ISP email configuration Topic 16C
* POP3 Topic 16C
* IMAP Topic 16C
* Port and SSL settings Topic 16C
* S/MIME Topic 16C
* Integrated commercial provider email configuration Topic 16C
* iCloud Topic 16C
* Google/Inbox Topic 16C
* Exchange Online Topic 16C
* Yahoo Topic 16C
* PRI updates/PRL updates/baseband updates Topic 16C
* Radio firmware Topic 16C
* IMEI vs. IMSI Topic 16C
* VPN Topic 16C

1.7 Given a scenario, use methods to perform mobile device
synchronization.

* Synchronization methods Topic 16D
* Synchronize to the cloud Topic 16D
* Synchronize to the desktop Topic 16D
* Synchronize to the automobile Topic 16D
* Types of data to synchronize Topic 16D
* Contacts Topic 16D
* Applications Topic 16D
* Email Topic 16D
* Pictures Topic 16D
* Music Topic 16D
* Videos Topic 16D
* Calendar Topic 16D
* Bookmarks Topic 16D
* Documents Topic 16D
* Location data Topic 16D
* Social media data Topic 16D
* E-books Topic 16D
* Passwords Topic 16D
* Mutual authentication for multiple services (SSO) Topic 16D
* Software requirements to install the application on the PC Topic 16D
* Connection types to enable synchronization Topic 16D

Domain 2.0 Networking

2.1 Compare and contrast TCP and UDP ports, protocols,
and their purposes.

* Ports and protocols Topic 8F
* 21 - FTP Topic 8F
* 22 - SSH Topics 8F, 9D
* 23 - Telnet Topics 8F, 9D
* 25 - SMTP Topic 8F
* 53 - DNS Topic 8F
* 80 - HTTP Topic 8F
* 110 - POP3 Topic 8F
* 143 - IMAP Topic 8F
* 443 - HTTPS Topic 8F
* 3389 - RDP Topics 8F, 9D
* 137-139 - NetBIOS/NetBT Topic 8F
* 445 - SMB/CIFS Topic 8F
* 427 - SLP Topic 8F
* 548 - AFP Topic 8F
* 67/68 - DHCP Topic 8F
* 389 - LDAP Topic 8F
* 161/162 - SNMP Topic 8F
* TCP vs. UDP Topic 8F

2.2 Compare and contrast common networking hardware
devices.

* Routers Topic 8E
* Switches Topic 8B
* Managed Topic 8B
* Unmanaged Topic 8B
* Access points Topic 8C
* Cloud-based network controller Topic 11B
* Firewall Topic 9C
* Network interface card Topic 8B
* Repeater Topic 8B
* Hub Topic 8B
* Cable/DSL modem Topic 8D
* Bridge Topic 8B
* Patch panel Topic 8A
* Power over Ethernet (PoE) Topic 8B
* Injectors Topic 8B
* Switch Topic 8B
* Ethernet over Power Topic 8B


2.3 Given a scenario, install and configure a basic wired/
wireless SOHO network.

* Router/switch functionality Topic 9B
* Access point settings Topic 9B
* IP addressing Topic 9A
* NIC configuration Topic 9A
* Wired Topic 9A
* Wireless Topic 9A
* End-user device configuration Topic 9A
* IoT device configuration Topic 9F
* Thermostat Topic 9F
* Light switches Topic 9F
* Security cameras Topic 9F
* Door locks Topic 9F
* Voice-enabled, smart speaker/digital assistant Topic 9F
* Cable/DSL modem configuration Topic 9B
* Firewall settings Topic 9C
* DMZ Topic 9C
* Port forwarding Topic 9C
* NAT Topic 9C
* UPnP Topic 9C
* Whitelist/blacklist Topic 9C
* MAC filtering Topic 9C
* QoS Topic 9A
* Wireless settings Topic 9B
* Encryption Topic 9B
* Channels Topic 9B
* QoS Topic 9B

2.4 Compare and contrast wireless networking protocols.

* 802.11a Topic 8C
* 802.11b Topic 8C
* 802.11g Topic 8C
* 802.11n Topic 8C
* 802.11ac Topic 8C
* Frequencies Topic 8C
* 2.4Ghz Topic 8C
* 5Ghz Topic 8C
* Channels Topic 8C
* 1-11 Topic 8C
* Bluetooth Topic 9F
* NFC Topic 9F
* RFID Topic 9F
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Domain and Objective Covered in 
* Zigbee Topic 9F 
+ Z-Wave Topic 9F 
* 3G Topic 8D 
+ 4G Topic 8D 
* 5G Topic 8D 
e LTE Topic 8D 


2.5 Summarize the properties and purposes of services provided by networked hosts.

* Server roles Topic 8F
* Web server Topic 8F
* File server Topic 8F
* Print server Topic 8F
* DHCP server Topic 8F
* DNS server Topic 8F
* Proxy server Topic 8F
* Mail server Topic 8F
* Authentication server Topic 8F
* syslog Topic 8F
* Internet appliance Topic 8F
* UTM Topic 8F
* IDS Topic 8F
* IPS Topic 8F
* End-point management server Topic 8F
* Legacy/embedded systems Topic 8F

2.6 Explain common network configuration concepts.

* IP addressing Topic 8E
* Static Topic 8E
* Dynamic Topic 8E
* APIPA Topic 8E
* Link local Topic 8E
* DNS Topic 8E
* DHCP Topic 8E
* Reservations Topic 8E
* IPv4 vs. IPv6 Topic 8E
* Subnet mask Topic 8E
* Gateway Topic 8E
* VPN Topic 8E
* VLAN Topic 8E
* NAT Topic 8E

2.7 Compare and contrast Internet connection types, network types, and their features. Topic 8E

* Internet connection types Topic 8D
* Cable Topic 8D
* DSL Topic 8D
* Dial-up Topic 8D
* Fiber Topic 8D
* Satellite Topic 8D
* ISDN Topic 8D
* Cellular Topic 6C
* Tethering Topic 16B
* Mobile hotspot Topic B
* Line-of-sight wireless Internet service Topic 8D
* Network types Topic 8A
* LAN Topic 8A
* WAN Topic 8A
* PAN Topic 8C
* MAN Topic 8A
* WMN Topic 8C

2.8 Given a scenario, use appropriate networking tools.

* Crimper Topic 8A
* Cable stripper Topic 8A
* Multimeter Topic 8A
* Tone generator and probe Topic 8A
* Cable tester Topic 8A
* Loopback plug Topic 8A
* Punchdown tool Topic 8A
* WiFi analyzer Topic 9E


Domain 3.0 Hardware

3.1 Explain basic cable types, features, and their purposes.

* Network cables Topic 8A
* Ethernet Topic 8A
* Cat5 Topic 8A
* Cat5e Topic 8A
* Cat6 Topic 8A
* Plenum Topic 8A
* Shielded twisted pair Topic 8A
* Unshielded twisted pair Topic 8A
* 568A/B Topic 8A
* Fiber Topic 8A
* Coaxial Topic 8A
* Speed and transmission limitations Topic 8A
* Video cables Topic 3A
* VGA Topic 3A
* HDMI Topic 3A
* Mini-HDMI Topic 3A
* DisplayPort Topic 3A
* DVI (DVI-D/DVI-I) Topic 3A
* Multipurpose cables Topic 2C
* Lightning Topic 2C
* Thunderbolt Topic 2C
* USB Topic 2C
* USB-C Topic 2C
* USB 2.0 Topic 2C
* USB 3.0 Topic 2C
* Peripheral cables Topic 2C
* Serial Topic 2C
* Hard drive cables Topic 4B
* SATA Topic 4B
* IDE Topic 4B
* SCSI Topic 4B
* Adapters Topic 3A
* DVI to HDMI Topic 3A
* USB to Ethernet Topic 15A
* DVI to VGA Topic 3A

3.2 Identify common connector types.

* RJ-11 Topic 2C
* RJ-45 Topic 2C
* RS-232 Topic 2C
* BNC Topic 8A
* RG-59 Topic 8A
* RG-6 Topic 8A
* USB Topic 2C
* Micro-USB Topic 2C
* Mini-USB Topic 2C
* USB-C Topic 2C
* DB-9 Topic 2C
* Lightning Topic 2C
* SCSI Topic 2C
* eSATA Topic 2C
* Molex Topic 2C

3.3 Given a scenario, install RAM types.

* RAM types Topic 4A
* SODIMM Topic 4A
* DDR2 Topic 4A
* DDR3 Topic 4A
* DDR4 Topic 4A
* Single channel Topic 4A
* Dual channel Topic 4A
* Triple channel Topic 4A
* Error correcting Topic 4A
* Parity vs. non-parity Topic 4A
3.4 Given a scenario, select, install and configure storage devices.

* Optical drives Topic 4C
* CD-ROM/CD-RW Topic 4C
* DVD-ROM/DVD-RW/DVD-RW DL Topic 4C
* Blu-ray Topic 4C
* BD-R Topic 4C
* BD-RE Topic 4C
* Solid-state drives Topic 4B
* M2 drives Topic 4B
* NVME Topic 4B
* SATA 2.5 Topic 4B
* Magnetic hard drives Topic 4B
* 5,400rpm Topic 4B
* 7,200rpm Topic 4B
* 10,000rpm Topic 4B
* 15,000rpm Topic 4B
* Sizes Topic 4B
* 2.5 Topic 4B
* 3.5 Topic 4B
* Hybrid drives Topic 4B
* Flash Topic 4C
* SD card Topic 4C
* CompactFlash Topic 4C
* Micro-SD card Topic 4C
* Mini-SD card Topic 4C
* xD Topic 4C
* Configurations Topic 4D
* RAID 0, 1, 5, 10 Topic 4D
* Hot swappable Topic 4D

3.5 Given a scenario, install and configure motherboards, CPUs, and add-on cards.

* Motherboard form factor Topic 2B
* ATX Topic 2B
* mATX Topic 2B
* ITX Topic 2B
* mITX Topic 2B
* Motherboard connector types Topic 2B
* PCI Topic 2B
* PCIe Topic 2B
* Riser card Topic 2B
* Socket types Topic 2B
* SATA Topic 2B
* IDE Topic 2B
* Front panel connector Topic 2B
* Internal USB connector Topic 2B
* BIOS/UEFI settings Topic 5B
* Boot options Topic 5B
* Firmware updates Topic 5B
* Security settings Topic 5B
* Interface configurations Topic 5B
* Security Topic 5B
* Passwords Topic 5B
* Drive encryption Topic 5B
* TPM Topic 5B
* Lojack Topic 5B
* Secure boot Topic 5B
* CMOS battery Topic 2B
* CPU features Topic 5A
* Single-core Topic 5A
* Multicore Topic 5A
* Virtualization Topic 5A
* Hyperthreading Topic 5A
* Speeds Topic 5A
* Overclocking Topic 5A
* Integrated GPU Topic 5A
* Compatibility Topic 5A
* AMD Topic 5A
* Intel Topic 5A
* Cooling mechanism Topic 5A
* Fans Topic 5A
* Heat sink Topic 5A
* Liquid Topic 5A
* Thermal paste Topic 5A
* Expansion cards Topic 3A
* Video cards Topic 3A
* Onboard Topic 3A
* Add-on card Topic 3A
* Sound cards Topic 3C
* Network interface card Topic 2C
* USB expansion card Topic 2C
* eSATA card Topic 2C

3.6 Explain the purposes and uses of various peripheral types.

* Printer Topic 17A
* ADF/flatbed scanner Topic 17F
* Barcode scanner/QR scanner Topic 17F
* Monitors Topic 3A
* VR headset Topic 3A
* Optical drive types Topic 4C
* Mouse Topic 2D
* Keyboard Topic 2D
* Touchpad Topic 2D
* Signature pad Topic 2D
* Game controllers Topic 2D
* Camera/webcam Topic 3C
* Microphone Topic 3C
* Speakers Topic 3C
* Headset Topic 3C
* Projector Topic 3A
* Lumens/brightness Topic 3A
* External storage drives Topic 4C
* KVM Topic 2D
* Magnetic reader/chip reader Topic 2D
* NFC/tap pay device Topic 2D
* Smart card reader Topic 2D

3.7 Summarize power supply types and features.

* Input 115V vs. 220V Topic 5C
* Output 5V vs. 12V Topic 5C
* 24-pin motherboard adapter Topic 5C
* Wattage rating Topic 5C
* Number of devices/types of devices to be powered Topic 5C

3.8 Given a scenario, select and configure appropriate components for a custom PC configuration to meet customer specifications or needs.

* Graphic/CAD/CAM design workstation Topic 5E
* SSD Topic 5E
* High-end video Topic 5E
* Maximum RAM Topic 5E
* Audio/video editing workstation Topic 5E
* Specialized audio and video card Topic 5E
* Large, fast hard drive Topic 5E
* Dual monitors Topic 5E
* Virtualization workstation Topic 5E
* Maximum RAM and CPU cores Topic 5E
* Gaming PC Topic 5E
* SSD Topic 5E
* High-end video/specialized GPU Topic 5E
* High-definition sound card Topic 5E
* High-end cooling Topic 5E
* Network attached storage device Topic 5E
* Media streaming Topic 5E
* File sharing Topic 5E
* Gigabit NIC Topic 5E
* RAID array Topic 5E
* Hard drive Topic 5E
* Standard thick client Topic 5E
* Desktop applications Topic 5E
* Meets recommended requirements for selected OS Topic 5E
* Thin client Topic 5E
* Basic applications Topic 5E
* Meets minimum requirements for selected OS Topic 5E
* Network connectivity Topic 5E

3.9 Given a scenario, install and configure common devices.

* Desktop Topic 5E
* Thin client Topic 5E
* Thick client Topic 5E
* Account setup/settings Topic 5E
* Laptop/common mobile devices Topic 15A
* Touchpad configuration Topic 15A
* Touchscreen configuration Topic 15A
* Application installations/configurations Topic 16D
* Synchronization settings Topic 16D
* Account setup/settings Topic 16D
* Wireless settings Topic 16C

3.10 Given a scenario, configure SOHO multifunction devices/printers and settings.

* Use appropriate drivers for a given operating system Topic 17D
* Configuration settings Topic 17D
* Duplex Topic 17D
* Collate Topic 17D
* Orientation Topic 17D
* Quality Topic 17D
* Device sharing Topic 17D
* Wired Topic 17D
* USB Topic 17D
* Serial Topic 17D
* Ethernet Topic 17D
* Wireless Topic 17D
* Bluetooth Topic 17D
* 802.11(a, b, g, n, ac) Topic 17D
* Infrastructure vs. ad hoc Topic 17D
* Integrated print server (hardware) Topic 17D
* Cloud printing/remote printing Topic 17D
* Public/shared devices Topic 17D
* Sharing local/networked device via operating system settings Topic 17D
* TCP/Bonjour/AirPrint Topic 17D
* Data privacy Topic 17D
* User authentication on the device Topic 17D
* Hard drive caching Topic 17D

3.11 Given a scenario, install and maintain various print technologies.

* Laser Topic 17A
* Imaging drum, fuser assembly, transfer belt, transfer roller, pickup rollers, separate pads, duplexing assembly Topic 17A
* Imaging process: processing, charging, exposing, developing, transferring, fusing, and cleaning Topic 17A
* Maintenance: Replace toner, apply maintenance kit, calibrate, clean Topic 17A
* Inkjet Topic 17B
* Ink cartridge, print head, roller, feeder, duplexing assembly, carriage, and belt Topic 17B
* Calibrate Topic 17B
* Maintenance: Clean heads, replace cartridges, calibrate, clear jams Topic 17B
* Thermal Topic 17C
* Feed assembly, heating element Topic 17C
* Special thermal paper Topic 17C
* Maintenance: Replace paper, clean heating element, remove debris Topic 17C
* Impact Topic 17C
* Print head, ribbon, tractor feed Topic 17C
* Impact paper Topic 17C
* Maintenance: Replace ribbon, replace print head, replace paper Topic 17C
* Virtual Topic 17D
* Print to file Topic 17D
* Print to PDF Topic 17D
* Print to XPS Topic 17D
* Print to image Topic 17D
* 3D printers Topic 17C
* Plastic filament Topic 17C

Domain 4.0 Virtualization and Cloud Computing

4.1 Compare and contrast cloud computing concepts.

* Common cloud models Topic 11B
* IaaS Topic 11B
* SaaS Topic 11B
* PaaS Topic 11B
* Public vs. private vs. hybrid vs. community Topic 11B
* Shared resources Topic 11B
* Internal vs. external Topic 11B
* Rapid elasticity Topic 11B
* On-demand Topic 11B
* Resource pooling Topic 11B
* Measured service Topic 11B
* Metered Topic 11B
* Off-site email applications Topic 11B
* Cloud file storage services Topic 11B
* Synchronization apps Topic 11B
* Virtual application streaming/cloud-based applications Topic 11B
* Applications for cell phones/tablets Topic 11B
* Applications for laptops/desktops Topic 11B
* Virtual desktop Topic 11B
* Virtual NIC Topic 11B

4.2 Given a scenario, set up and configure client-side virtualization.

* Purpose of virtual machines Topic 11A
* Resource requirements Topic 11A
* Emulator requirements Topic 11A
* Security requirements Topic 11A
* Network requirements Topic 11A
* Hypervisor Topic 11A

Domain 5.0 Hardware and Network Troubleshooting

5.1 Given a scenario, use the best practice methodology to resolve problems.

* Always consider corporate policies, procedures, and impacts before implementing changes Topic 1B
* 1. Identify the problem Topic 1B
* Question the user and identify user changes to computer and perform backups before making changes Topic 1B
* Inquire regarding environmental or infrastructure changes Topic 1B
* Review system and application logs Topic 1B
* 2. Establish a theory of probable cause (question the obvious) Topic 1B
* If necessary, conduct external or internal research based on symptoms Topic 1B
* 3. Test the theory to determine cause Topic 1B
* Once the theory is confirmed, determine the next steps to resolve problem Topic 1B
* If theory is not confirmed re-establish new theory or escalate Topic 1B
* 4. Establish a plan of action to resolve the problem and implement the solution Topic 1B
* 5. Verify full system functionality and, if applicable, implement preventive measures Topic 1B
* 6. Document findings, actions, and outcomes Topic 1B

5.2 Given a scenario, troubleshoot problems related to motherboards, RAM, CPUs, and power.

* Common symptoms Topic 5D
* Unexpected shutdowns Topic 5D
* System lockups Topic 5D
* POST code beeps Topic 5D
* Blank screen on bootup Topic 5D
* BIOS time and setting resets Topic 5D
* Attempts to boot to incorrect device Topic 5D
* Continuous reboots Topic 5D
* No power Topic 5D
* Overheating Topic 5D
* Loud noise Topic 5D
* Intermittent device failure Topic 5D
* Fans spin - no power to other devices Topic 5D
* Indicator lights Topic 5D
* Smoke Topic 5D
* Burning smell Topic 5D
* Proprietary crash screens (BSOD/pin wheel) Topic 5D
* Distended capacitors Topic 5D
* Log entries and error messages Topic 5D

5.3 Given a scenario, troubleshoot hard drives and RAID arrays.

* Common symptoms Topic 4E
* Read/write failure Topic 4E
* Slow performance Topic 4E
* Loud clicking noise Topic 4E
* Failure to boot Topic 4E
* Drive not recognized Topic 4E
* OS not found Topic 4E
* RAID not found Topic 4E
* RAID stops working Topic 4E
* Proprietary crash screens (BSOD/pin wheel) Topic 4E
* S.M.A.R.T. errors Topic 4E

5.4 Given a scenario, troubleshoot video, projector, and display issues. Topic 3B

* Common symptoms Topic 3B
* VGA mode Topic 3B
* No image on screen Topic 3B
* Overheat shutdown Topic 3B
* Dead pixels Topic 3B
* Artifacts Topic 3B
* Incorrect color patterns Topic 3B
* Dim image Topic 3B
* Flickering image Topic 3B
* Distorted image Topic 3B
* Distorted geometry Topic 3B
* Burn-in Topic 3B
* Oversized images and icons Topic 3B

5.5 Given a scenario, troubleshoot common mobile device issues while adhering to the appropriate procedures.

* Common symptoms Topic 15C
* No display Topic 15C
* Dim display Topic 15C
* Flickering display Topic 15C
* Sticking keys Topic 15C
* Intermittent wireless Topic 15C
* Battery not charging Topic 15C
* Ghost cursor/pointer drift Topic 15C
* No power Topic 15C
* Num lock indicator lights Topic 15C
* No wireless connectivity Topic 15C
* No Bluetooth connectivity Topic 15C
* Cannot display to external monitor Topic 15C
* Touchscreen non-responsive Topic 15C
* Apps not loading Topic 15C
* Slow performance Topic 15C
* Unable to decrypt email Topic 15C
* Extremely short battery life Topic 15C
* Overheating Topic 15C
* Frozen system Topic 15C
* No sound from speakers Topic 15C
* GPS not functioning Topic 15C
* Swollen battery Topic 15C
* Disassembling processes for proper reassembly Topic 15B
* Document and label cable and screw locations Topic 15B
* Organize parts Topic 15B
* Refer to manufacturer resources Topic 15B
* Use appropriate hand tools Topic 15B

5.6 Given a scenario, troubleshoot printers.

* Common symptoms Topic 17E
* Streaks Topic 17E
* Faded prints Topic 17E
* Ghost images Topic 17E
* Toner not fused to the paper Topic 17E
* Creased paper Topic 17E
* Paper not feeding Topic 17E
* Paper jam Topic 17E
* No connectivity Topic 17E
* Garbled characters on paper Topic 17E
* Vertical lines on page Topic 17E
* Backed-up print queue Topic 17E
* Low memory errors Topic 17E
* Access denied Topic 17E
* Printer will not print Topic 17E
* Color prints in wrong print color Topic 17E
* Unable to install printer Topic 17E
* Error codes Topic 17E
* Printing blank pages Topic 17E
* No image on printer display Topic 17E
* Multiple failed jobs in logs Topic 17E

5.7 Given a scenario, troubleshoot common wired and wireless network problems.

* Common symptoms Topic 9E
* Limited connectivity Topic 9E
* Unavailable resources Topic 9E
* Internet Topic 9E
* Local resources Topic 9E
* Shares Topic 9E
* Printers Topic 9E
* Email Topic 9E
* No connectivity Topic 9E
* APIPA/link local address Topic 9E
* Intermittent connectivity Topic 9E
* IP conflict Topic 9E
* Slow transfer speeds Topic 9E
* Low RF signal Topic 9E
* SSID not found Topic 9E
Mapping Course Content to CompTIA® A+® Core 2 (Exam 220-1002)

Achieving CompTIA A+ certification requires candidates to pass exams 220-1001 and
220-1002. This table describes where the exam objectives for Core 2 (Exam 220-1002)
are covered in this course.

Domain and Objective Covered in

Domain 1.0 Operating Systems

1.1 Compare and contrast common operating system types and their purposes.

* 32-bit vs 64-bit Topic 1A
* RAM limitations Topic 1A
* Software compatibility Topic 1A
* Workstation operating systems Topic 1A
* Microsoft Windows Topic 1A
* Apple Macintosh OS Topic 1A
* Linux Topic 1A
* Cell phone/tablet operating systems Topic 1A
* Microsoft Windows Topic 1A
* Android Topic 1A
* iOS Topic 1A
* Chrome OS Topic 1A
* Vendor-specific limitations Topic 1A
* End-of-life Topic 1A
* Update limitations Topic 1A
* Compatibility concerns between operating systems Topic 1A

1.2 Compare and contrast features of Microsoft Windows versions.

* Windows 7 Topic 1A
* Windows 8 Topic 1A
* Windows 8.1 Topic 1A
* Windows 10 Topic 1A
* Corporate vs. personal needs Topic 1A
* Domain access Topic 1A
* BitLocker Topic 1A
* Media center Topic 1A
* BranchCache Topic 1A
* EFS Topic 1A
* Desktop styles/user interface Topic 1A

1.3 Summarize general OS installation considerations and upgrade methods.

* Boot methods Topic 6C
* Optical disc (CD-ROM, DVD, Blu-ray) Topic 6C
* External drive/flash drive (USB/eSATA) Topic 6C
* Network boot (PXE) Topic 6C
* Internal fixed disk (HDD/SSD) Topic 6C
* Internal hard drive (partition) Topic 6C
* Types of installations Topic 6C
* Unattended installation Topic 6C
* In-place upgrade Topic 6C
* Clean install Topic 6C
* Repair installation Topic 6C
* Multiboot Topic 6C
* Remote network installation Topic 6C
* Image deployment Topic 6C
* Recovery partition Topic 6C
* Refresh/restore Topic 6C
* Partitioning Topic 1E
* Dynamic Topic 1E
* Basic Topic 1E
* Primary Topic 1E
* Extended Topic 1E
* Logical Topic 1E
* GPT Topic 1E
* File system types/formatting Topic 1E, 6A, 6B
* EXFAT Topic 1E
* FAT32 Topic 1E
* NTFS Topic 1E
* CDFS Topic 1E
* NFS Topic 6A
* ext3, ext4 Topic 6A
* HFS Topic 6B
* Swap partition Topic 6A
* Quick format vs full format Topic 1E
* Load alternate third-party drivers when necessary Topic 6C
* Workgroup vs. Domain setup Topic 6C
* Time/date/region/language settings Topic 6C
* Driver installation, software, and Windows updates Topic 6C
* Factory recovery partition Topic 6C
* Properly formatted boot drive with the correct partitions/format Topic 6C
* Prerequisites/hardware compatibility Topic 6C
* Application compatibility Topic 6C
* OS compatibility/upgrade path Topic 6C

1.4 Given a scenario, use appropriate Microsoft command line tools.

* Navigation Topic 1D
* dir Topic 1D
* cd Topic 1D
* ipconfig Topic 9E
* ping Topic 9E
* tracert Topic 9E
* netstat Topic 9E
* nslookup Topic 9E
* shutdown Topic 1C
* dism Topic 6C
* sfc Topic 7C
* chkdsk Topic 6D
* diskpart Topic 1E
* taskkill Topic 7A
* gpupdate Topic 10C
* gpresult Topic 10C
* format Topic 1E
* copy Topic 1D
* xcopy Topic 1D
* robocopy Topic 1D
* net use Topic 10B
* net user Topic 10A
* [command name]/? Topic 1C
* Commands available with standard privileges vs. administrative privileges Topic 1C

1.5 Given a scenario, use Microsoft operating system features and tools.

* Administrative Topic 1C, 1F, 7A, 7B, 7C, 9C, 9D, 10A
* Computer Management Topic 1C
* Device Manager Topic 1F
* Local Users and Groups Topic 10A
* Local Security Policy Topic 10A
* Performance Monitor Topic 7B
* Services Topic 7A
* System Configuration Topic 7C
* Task Scheduler Topic 6D
* Component Services Topic 7A
* Data Sources Topic 7A
* Print Management Topic 7A
* Windows Memory Diagnostics Topic 7C
* Windows Firewall Topic 9C
* Advanced Security Topic 9C
* Event Viewer Topic 7C
* User Account Management Topic 1C
* MSConfig Topic 7C
* General Topic 7C
* Boot Topic 7C
* Services Topic 7C
* Startup Topic 7C
* Tools Topic 7C
* Task Manager Topic 7A
* Applications Topic 7A
* Processes Topic 7A
* Performance Topic 7A
* Networking Topic 7A
* Users Topic 7A
* Disk Management Topic 1E
* Drive status Topic 1E
* Mounting Topic 1E
* Initializing Topic 1E
* Extending partitions Topic 1E
* Splitting partitions Topic 1E
* Shrink partitions Topic 1E
* Assigning/changing drive letters Topic 1E
* Adding drives Topic 1E
* Adding arrays Topic 1E
* Storage spaces Topic 1E
* System utilities Topic 1C, 1D, 1F, 6D, 7A, 7C
* Regedit Topic 1C
* Command Topic 1C
* Services.msc Topic 7A
* MMC Topic 1C
* MSTSC Topic 9D
* Notepad Topic 1C
* Explorer Topic 1D
* Msinfo32 Topic 1F
* DxDiag Topic 1F
* Disk Defragmenter Topic 6D
* System Restore Topic 7C
* Windows Update Topic 6D

1.6 Given a scenario, use Microsoft Windows Control Panel utilities.

* Internet Options Topic 9C
* Connections Topic 9C
* Security Topic 9C
* General Topic 9C
* Privacy Topic 9C
* Programs Topic 9C
* Advanced Topic 9C
* Display/Display Settings Topic 1F
* Resolution Topic 1F
* Color depth Topic 1F
* Refresh rate Topic 1F
* User Accounts Topic 1C
* Folder Options Topic 1D
* View hidden files Topic 1D
* Hide extensions Topic 1D
* General options Topic 1D
* View options Topic 1D
* System Topic 7B
* Performance (virtual memory) Topic 7B
* Remote settings Topic 7B
* System protection Topic 7B
* Windows Firewall Topic 9C
* Power Options Topic 1F
* Hibernate Topic 1F
* Power plans Topic 1F
* Sleep/suspend Topic 1F
* Standby Topic 1F
* Credential Manager Topic 10A
* Programs and features Topic 7A
* HomeGroup Topic 10B
* Devices and Printers Topic 1F
* Sound Topic 1F
* Troubleshooting Topic 1F
* Network and Sharing Center Topic 9A
* Device Manager Topic 1F
* BitLocker Topic 13B
* Sync Center Topic 10B

1.7 Summarize application installation and configuration concepts.

* System requirements Topic 7A
* Drive space Topic 7A
* RAM Topic 7A
* OS requirements Topic 7A
* Compatibility Topic 7A
* Methods of installation and deployment Topic 7A
* Local (CD/USB) Topic 7A
* Network-based Topic 7A
* Local user permissions Topic 7A
* Folder/file access for installation Topic 7A
* Security considerations Topic 7A
* Impact to device Topic 7A
* Impact to network Topic 7A
1.8 Given a scenario, configure Microsoft Windows networking on a client/desktop.

* HomeGroup vs. Workgroup Topic 10B
* Domain setup Topic 10C
* Network shares/administrative shares/mapping drives Topic 10B
* Printer sharing vs. network printer mapping Topic 10B
* Establish networking connections Topic 9A
* VPN Topic 9A
* Dial-ups Topic 9A
* Wireless Topic 9A
* Wired Topic 9A
* WWAN (Cellular) Topic 9A
* Proxy settings Topic 9C
* Remote Desktop Connection Topic 9D
* Remote Assistance Topic 9D
* Home vs. Work vs. Public network settings Topic 9C
* Firewall settings Topic 9C
* Exceptions Topic 9C
* Configuration Topic 9C
* Enabling/disabling Windows Firewall Topic 9C
* Configuring an alternative IP address in Windows Topic 9A
* IP addressing Topic 9A
* Subnet mask Topic 9A
* DNS Topic 9A
* Gateway Topic 9A
* Network card properties Topic 9A
* Half duplex/full duplex/auto Topic 9A
* Speed Topic 9A
* Wake-on-LAN Topic 9A
* QoS Topic 9A
* BIOS (on-board NIC) Topic 9A

1.9 Given a scenario, use features and tools of the Mac OS and Linux client/desktop operating systems.

* Best practices Topic 6D
* Scheduled backups Topic 6D
* Scheduled disk maintenance Topic 6D
* System updates/App Store Topic 6D
* Patch management Topic 6D
* Driver/firmware updates Topic 6D
* Antivirus/Anti-malware updates Topic 6D
* Tools Topic 6B, 6D
* Backup/Time Machine Topic 6D
* Restore/Snapshot Topic 6D
* Image recovery Topic 6B
* Disk maintenance utilities Topic 6D
* Shell/Terminal Topic 6B
* Screen sharing Topic 6B
* Force Quit Topic 6B
* Features Topic 6B
* Multiple desktops/Mission Control Topic 6B
* Key Chain Topic 6B
* Spot Light Topic 6B
* iCloud Topic 6B
* Gestures Topic 6B
* Finder Topic 6B
* Remote Disc Topic 6B
* Dock Topic 6B
* Boot Camp Topic 6B
* Basic Linux commands Topic 6A
* ls Topic 6A
* grep Topic 6A
* cd Topic 6A
* shutdown Topic 6A
* pwd vs. passwd Topic 6A
* mv Topic 6A
* cp Topic 6A
* rm Topic 6A
* chmod Topic 6A
* chown Topic 6A
* iwconfig/ifconfig Topic 6A
* ps Topic 6A
* su/sudo Topic 6A
* apt-get Topic 6A
* vi Topic 6A
* dd Topic 6A
* kill Topic 6A

Domain 2.0 Security

2.1 Summarize the importance of physical security measures.

* Mantrap Topic 12C
* Badge reader Topic 12C
* Smart card Topic 12C
* Security guard Topic 12C
* Door lock Topic 12C
* Biometric locks Topic 12C
* Hardware tokens Topic 12C
* Cable locks Topic 12C
* Server locks Topic 12C
* USB locks Topic 12C
* Privacy screen Topic 12C
* Key fobs Topic 12C
* Entry control roster Topic 12C

2.2 Explain logical security concepts.

* Active Directory Topic 10C
* Login script Topic 10C
* Domain Topic 10C
* Group Policy/Updates Topic 10C
* Organizational Units Topic 10C
* Home Folder Topic 10C
* Folder redirection Topic 10C
* Software tokens Topic 13A
* MDM policies Topic 12A
* Port security Topic 12A
* MAC address filtering Topic 12A
* Certificates Topic 12A
* Antivirus/Anti-malware Topic 12A
* Firewalls Topic 12A
* User authentication/strong passwords Topic 13A
* Multifactor authentication Topic 13A
* Directory permissions Topic 13B
* VPN Topic 12A
* DLP Topic 13B
* Access control lists Topic 12A
* Smart card Topic 12C
* Email filtering Topic 14B
* Trusted/untrusted software sources Topic 12A
* Principle of least privilege Topic 12A

2.3 Compare and contrast wireless security protocols and authentication methods.

* Protocols and encryption Topic 9B
* WEP Topic 9B
* WPA Topic 9B
* WPA2 Topic 9B
* TKIP Topic 9B
* AES Topic 9B
* Authentication Topic 13A
* Single-factor Topic 13A
* Multifactor Topic 13A
* RADIUS Topic 13A
* TACACS Topic 13A

2.4 Given a scenario, detect, remove, and prevent malware using appropriate tools and methods.
* Malware Topic 14A
* Ransomware Topic 14A
* Trojan Topic 14A
* Keylogger Topic 14A
* Rootkit Topic 14A
* Virus Topic 14A
* Botnet Topic 14A
* Worm Topic 14A
* Spyware Topic 14A
* Tools and methods Topic 14A
* Antivirus Topic 14A
* Anti-malware Topic 14A
* Recovery console Topic 14A
* Backup/restore Topic 14A
* End user education Topic 14A
* Software firewalls Topic 14A
* DNS configuration Topic 14A

2.5 Compare and contrast social engineering, threats, and vulnerabilities.

* Social engineering Topic 12B
* Phishing Topic 12B
* Spear-phishing Topic 12B
* Impersonation Topic 12B
* Shoulder surfing Topic 12B
* Tailgating Topic 12B
* Dumpster diving Topic 12B
* DDoS Topic 12B
* DoS Topic 12B
* Zero-day Topic 12B
* Man-in-the-middle Topic 12B
* Brute force Topic 12B
* Dictionary Topic 12B
* Rainbow table Topic 12B
* Spoofing Topic 12B
* Non-compliant systems Topic 12B
* Zombie Topic 12B

2.6 Compare and contrast the differences of basic Microsoft Windows OS security settings.

* User and groups Topic 10A
* Administrator Topic 10A
* Power user Topic 10A
* Guest Topic 10A
* Standard user Topic 10A
* NTFS vs. share permissions Topic 1D, 10B
* Allow vs. deny Topic 10B
* Moving vs. copying folders and files Topic 10B
* File attributes Topic 1D
* Shared files and folders Topic 10B
* Administrative shares vs. local shares Topic 10B
* Permission propagation Topic 10B
* Inheritance Topic 10B
* System files and folders Topic 1D
* User authentication Topic 10A
* Single sign-on Topic 10A
* Run as administrator vs. standard user Topic 1C
* BitLocker Topic 13B
* BitLocker To Go Topic 13B
* EFS Topic 13B

2.7 Given a scenario, implement security best practices to secure a workstation.

* Password best practices Topic 13A
* Setting strong passwords Topic 13A
* Password expiration Topic 13A
* Screensaver required password Topic 13A
* BIOS/UEFI passwords Topic 13A
* Requiring passwords Topic 13A
* Account management Topic 13A
* Restricting user permissions Topic 13A
* Logon time restrictions Topic 13A
* Disabling guest account Topic 13A
* Failed attempts lockout Topic 13A
* Timeout/screen lock Topic 13A
* Change default admin user account/password Topic 13A
* Basic Active Directory functions Topic 10C
* Account creation Topic 10C
* Account deletion Topic 10C
* Password reset/unlock account Topic 10C
* Disable account Topic 10C
* Disable autorun Topic 12A
* Data encryption Topic 13B
* Patch/update management Topic 12A

2.8 Given a scenario, implement methods for securing mobile devices.

* Screen locks Topic 16E
* Fingerprint lock Topic 16E
* Face lock Topic 16E
* Swipe lock Topic 16E
* Passcode lock Topic 16E




Domain and Objective Covered in 
* Remote wipes Topic 16E
* Locator applications Topic 16E
* Remote backup applications Topic 16E
* Failed login attempts restrictions Topic 16E
* Antivirus/Anti-malware Topic 16E
* Patching/OS updates Topic 16E
* Biometric authentication Topic 16E
* Full device encryption Topic 16E
* Multifactor authentication Topic 16E
* Authenticator applications Topic 16E
* Trusted sources vs. untrusted sources Topic 16E
* Firewalls Topic 16E
* Policies and procedures Topic 16E
* BYOD vs. corporate-owned Topic 16E
* Profile security requirements Topic 16E


2.9 Given a scenario, implement appropriate data 
destruction and disposal methods. 


* Physical destruction Topic 12C
* Shredder Topic 12C
* Drill/hammer Topic 12C
* Electromagnetic (Degaussing) Topic 12C
* Incineration Topic 12C
* Certificate of destruction Topic 12C
* Recycling or repurposing best practices Topic 12C
* Low-level format vs. standard format Topic 12C
* Overwrite Topic 12C
* Drive wipe Topic 12C


2.10 Given a scenario, configure security on SOHO wireless 
and wired networks. 


* Wireless-specific Topic 9B
* Changing default SSID Topic 9B
* Setting encryption Topic 9B
* Disabling SSID broadcast Topic 9B
* Antenna and access point placement Topic 9B
* Radio power levels Topic 9B
* WPS Topic 9B
* Change default usernames and passwords Topic 9B
* Enable MAC filtering Topic 12A
* Assign static IP addresses Topic 9B
* Firewall settings Topic 9C
* Port forwarding/mapping Topic 9C
* Disabling ports Topic 9C
* Content filtering/parental controls Topic 9C
* Update firmware Topic 9B
* Physical security Topic 9B


Domain 3.0 Software Troubleshooting


3.1 Given a scenario, troubleshoot Microsoft Windows OS
problems.


* Common symptoms Topic 7C
* Slow performance Topic 7C
* Limited connectivity Topic 9E
* Failure to boot Topic 7C
* No OS found Topic 7C
* Application crashes Topic 7C
* Blue screens Topic 7C
* Black screens Topic 7C
* Printing issues Topic 7C
* Services fail to start Topic 7C
* Slow bootup Topic 7C
* Slow profile load Topic 7C
* Common solutions Topic 7C
* Defragment the hard drive Topic 7C
* Reboot Topic 7C
* Kill tasks Topic 7C
* Restart services Topic 7C
* Update network settings Topic 9E
* Reimage/reload OS Topic 7C
* Roll back updates Topic 7C
* Roll back devices drivers Topic 7C
* Apply updates Topic 7C
* Repair application Topic 7C
* Update boot order Topic 7C
* Disable Windows services/applications Topic 7C
* Disable application startup Topic 7C
* Safe boot Topic 7C
* Rebuild Windows profiles Topic 7C


3.2 Given a scenario, troubleshoot and resolve PC security
issues.


* Common symptoms Topic 14B
* Pop-ups Topic 14B
* Browser redirection Topic 14B
* Security alerts Topic 14B
* Slow performance Topic 14B
* Internet connectivity issues Topic 14B
* PC/OS lockup Topic 14B
* Application crash Topic 14B
* OS updates failures Topic 14B
* Rogue antivirus Topic 14B
* Spam Topic 14B
* Renamed system files Topic 14B
* Disappearing files Topic 14B
* File permission changes Topic 14B
* Hijacked email Topic 14B
* Responses from users regarding email Topic 14B
* Automated replies from unknown sent email Topic 14B
* Access denied Topic 14B
* Invalid certificate (trusted root CA) Topic 14B
* System/application log errors Topic 14B


3.3 Given a scenario, use best practice procedures for 
malware removal. 


* 1. Identify and research malware symptoms. Topic 14A
* 2. Quarantine the infected systems. Topic 14A
* 3. Disable System Restore (in Windows). Topic 14A
* 4. Remediate the infected systems. Topic 14A
* a. Update the anti-malware software. Topic 14A
* b. Scan and use removal techniques (safe mode, pre-installation environment). Topic 14A
* 5. Schedule scans and run updates. Topic 14A
* 6. Enable System Restore and create a restore point (in Windows). Topic 14A
* 7. Educate the end user. Topic 14A


3.4 Given a scenario, troubleshoot mobile OS and 
application issues. 


* Common symptoms Topic 16F 
* Dim display Topic 16F 
* Intermittent wireless Topic 16F
* No wireless connectivity Topic 16F
* No Bluetooth connectivity Topic 16F
* Cannot broadcast to external monitor Topic 16F
* Touchscreen non-responsive Topic 16F
* Apps not loading Topic 16F
* Slow performance Topic 16F
* Unable to decrypt email Topic 16F
* Extremely short battery life Topic 16F
* Overheating Topic 16F
* Frozen system Topic 16F
* No sound from speakers Topic 16F
* Inaccurate touch screen response Topic 16F
* System lockout Topic 16F 
* App log errors Topic 16F 


3.5 Given a scenario, troubleshoot mobile OS and 
application security issues. 


* Common symptoms Topic 16F
* Signal drop/weak signal Topic 16F
* Power drain Topic 16F
* Slow data speeds Topic 16F
* Unintended WiFi connection Topic 16F
* Unintended Bluetooth pairing Topic 16F
* Leaked personal files/data Topic 16F
* Data transmission over limit Topic 16F
* Unauthorized account access Topic 16F
* Unauthorized location tracking Topic 16F
* Unauthorized camera/microphone activation Topic 16F
* High resource utilization Topic 16F


Domain 4.0 Operational Procedures 


4.1 Compare and contrast best practices associated with 
types of documentation. 


* Network topology diagrams Topic 18B
* Knowledge base/articles Topic 18B
* Incident documentation Topic 18B
* Regulatory and compliance policy Topic 18B
* Acceptable use policy Topic 18B
* Password policy Topic 18B
* Inventory management Topic 18B
* Asset tags Topic 18B
* Barcodes Topic 18B


4.2 Given a scenario, implement basic change management 
best practices. 


* Documented business processes Topic 18C 
* Purpose of the change Topic 18C
* Scope of the change Topic 18C
* Risk analysis Topic 18C
* Plan for change Topic 18C
* End-user acceptance Topic 18C
* Change board Topic 18C 

* Approvals Topic 18C 
* Backout plan Topic 18C 
* Documentation changes Topic 18C 


4.3 Given a scenario, implement basic disaster prevention 
and recovery methods. 


* Backup and recovery Topic 18D
* Image level Topic 18D
* File level Topic 18D
* Critical applications Topic 18D
* Backup testing Topic 18D
* UPS Topic 18A
* Surge protector Topic 18A
* Cloud storage vs. local storage backups Topic 18D
* Account recovery options Topic 18D


4.4 Explain common safety procedures.


* Equipment grounding Topic 2A
* Proper component handling and storage Topic 2A
* Antistatic bags Topic 2A
* ESD straps Topic 2A
* ESD mats Topic 2A
* Self-grounding Topic 2A
* Toxic waste handling Topic 2A
* Batteries Topic 2A
* Toner Topic 2A
* CRT Topic 2A
* Cell phones Topic 2A
* Tablets Topic 2A
* Personal safety Topic 2A
* Disconnect power before repairing PC Topic 2A
* Remove jewelry Topic 2A
* Lifting techniques Topic 2A
* Weight limitations Topic 2A
* Electrical fire safety Topic 2A
* Cable management Topic 2A
* Safety goggles Topic 2A
* Air filter mask Topic 2A
* Compliance with government regulations Topic 2A


4.5 Explain environmental impacts and appropriate
controls.


* MSDS documentation for handling and disposal Topic 18A
* Temperature, humidity level awareness, and proper ventilation Topic 18A
* Power surges, brownouts, and blackouts Topic 18A
* Battery backup Topic 18A
* Surge suppressor Topic 18A
* Protection from airborne particles Topic 18A
* Enclosures Topic 18A
* Air filters/mask Topic 18A
* Dust and debris Topic 18A
* Compressed air Topic 18A
* Vacuums Topic 18A
* Compliance to government regulations Topic 18A


4.6 Explain the processes for addressing prohibited
content/activity, and privacy, licensing, and policy
concepts.


* Incident response Topic 13C
* First response Topic 13C
* Identify Topic 13C
* Report through proper channels Topic 13C
* Data/device preservation Topic 13C
* Use of documentation/documentation changes Topic 13B
* Chain of custody Topic 13C
* Tracking of evidence/documenting process Topic 13C
* Licensing/DRM/EULA Topic 13B
* Open-source vs. commercial license Topic 13B
* Personal license vs. enterprise licenses Topic 13B
* Regulated data Topic 13B
* PII Topic 13B
* PCI Topic 13B
* GDPR Topic 13B
* PHI Topic 13B
* Follow all policies and security best practices Topic 13B


4.7 Given a scenario, use proper communication
techniques and professionalism.


* Use proper language and avoid jargon, acronyms, and slang, when applicable Topic 18F
* Maintain a positive attitude/project confidence Topic 18F
* Actively listen (taking notes) and avoid interrupting the customer Topic 18F
* Be culturally sensitive Topic 18F
* Use appropriate professional titles, when applicable Topic 18F
* Be on time (if late, contact the customer) Topic 18F
* Avoid distractions Topic 18F
* Personal calls Topic 18F
* Texting/social media sites Topic 18F
* Talking to coworkers while interacting with customers Topic 18F
* Personal interruptions Topic 18F
* Dealing with difficult customers or situations Topic 18F
* Do not argue with customers and/or be defensive Topic 18F
* Avoid dismissing customer problems Topic 18F
* Avoid being judgmental Topic 18F
* Clarify customer statements (ask open-ended questions to narrow the scope of the problem, restate the issue, or question to verify understanding) Topic 18F
* Do not disclose experiences via social media outlets Topic 18F
* Set and meet expectations/timeline and communicate status with the customer Topic 18F
* Offer different repair/replacement options, if applicable Topic 18F
* Provide proper documentation on the services provided Topic 18F
* Follow up with customer/user at a later date to verify satisfaction Topic 18F
* Deal appropriately with customers’ confidential and private materials Topic 18F
* Located on a computer, desktop, printer, etc. Topic 18F


4.8 Identify the basics of scripting.


* Script file types Topic 18E
* .bat Topic 18E
* .ps1 Topic 18E
* .vbs Topic 18E
* .sh Topic 18E
* .py Topic 18E
* .js Topic 18E
* Environment variables Topic 18E
* Comment syntax Topic 18E
* Basic script constructs Topic 18E
* Basic loops Topic 18E
* Variables Topic 18E
* Basic data types Topic 18E
* Integers Topic 18E
* Strings Topic 18E


4.9 Given a scenario, use remote access technologies.


* RDP Topic 9D
* Telnet Topic 9D
* SSH Topic 9D
* Third-party tools Topic 9D
* Screen share feature Topic 9D
* File share Topic 9D
* Security considerations of each access method Topic 9D


Activity 1-1: Implementing an Anti-ESD Service Kit


1. Describe the equipment you should use to prevent static electricity on your body from 
damaging the equipment on which you are working. 


An anti-ESD service kit comprising an anti-ESD wrist strap, grounding cord and plug, and a conductive mat. 
The grounding plug should be connected to an earthed point. 


3. True or False? If you are using an anti-static floor mat, you do not need any other 
anti-ESD service equipment. 


False. A mat should be used with a wrist strap. You may also need ESD-safe packaging for storing 
components. 


4. In which atmospheric conditions is the risk of ESD highest? 


During cool, dry conditions when humidity is low. When humidity is high, the static electricity can dissipate 
through the moisture present in the air. 


5. Electrical injuries include electrocution, shock, and collateral injury. Would you be 
injured if you are not part of the electrical ground current? 


Yes, you could receive a thermal burn from the heat of an electric arc or electric equipment. Your clothes 
can catch on fire, or your skin can be burned. 


6. Which computer component presents the most danger from electrical shock? 
○ System boards 
○ Hard drives 
● Power supplies 
○ System unit 


7. What component helps to protect users of electrical equipment against a short circuit? 
○ Resistor 
● Fuse 
○ Power supply 
○ ESD wrist strap 


8. What care should you take when lifting a heavy object? 
The main concern is damaging your back. Lift slowly using your legs for power, not your back muscles. 


9. What should you do before transporting a bulky object? 


Check that there is a clear path to the destination point. If you cannot carry the 
object safely, get help or use a cart. 


Activity 1-2: Discussing PC Components 


1. Describe how you would open a PC case to access the motherboard. 


Power down the PC and remove the power cable. With the power cable removed, 
hold the power button down for a few seconds to ensure the PC is completely 
de-energized. Then, remove any screws holding the case cover in place, and slide the 
cover out from the retaining clips. This should expose the motherboard. You would 
usually need to remove other panels only to access storage devices. 


2. At the rear of a system case are slots for adapter card ports. Why 
should these be covered with blanking plates if not in use? 


The fan system is designed to draw cool air across the motherboard and blow out 
warm air. Large holes in the chassis disrupt this air flow. Also dust will be able to 
settle on the system components more easily. 


3. What is the most likely explanation? 


The cable connecting the power button to the motherboard could have been 
disconnected and either not reconnected or not properly reconnected. 


4. What is the main function of the chipset? 


Provides controllers for the CPU to interface with other components (memory and 
expansion bus for instance) and adapters to provide functions such as video and 
audio, and Ethernet and wireless networking on the motherboard. 


5. True or false? The Real Time Clock controls the timing of signals 
between the CPU and other components. 


False. The system clock controls timing; the Real Time Clock keeps track of the 
calendar date and time. 


6. What type of socket is used to install system memory? 
Dual Inline Memory Module (DIMM). 


7. You have a x8 PCIe storage adapter card—can you fit this in a x16 slot? 


Yes—this is referred to as up-plugging. On some motherboards it may only function 
as a x1 device though. 


8. What is the bandwidth of a PCIe v2.0 x16 graphics adapter? 
8 GBps in each direction (full duplex). PCIe v2 supports 500 MBps per lane. 


Solutions 


9. What type of motherboard is displayed here, and what characteristics did you use 
to help you identify the board type? 


[Image: motherboard with a dimension label of 6.7 inches] 


Based on its small size dimensions and compact component design, this motherboard is a 
mini-ITX. 


10. What type of motherboard is displayed here, and what characteristics did you use 
to help you identify the board type? 


[Image: motherboard with dimension labels of 12 inches and ~10 inches] 


You can tell by the large size and large number of available components and slots that this 
motherboard is an ATX. 




Activity 1-3: Identifying Connection Interfaces 


1. In this graphic, identify the (A) audio ports, (B) video ports, and (C) USB 
ports. 


Moving from left to right, the components should be labeled: C, B, C, A. 


. You are speaking with a junior technician. He is not sure what is 
meant by a "keyed" connector. Can you tell him? 


A keyed connector has a catch or slot to ensure that it cannot be inserted the wrong 
way round or used with an incompatible port. 


. What is the nominal data rate of a USB port supporting SuperSpeed+? 


Normally 10 Gbps, but devices supporting USB 3.2 can use up to 20 Gbps over 
USB-C cabling. 


. True or false? USB-C ports and cables are compatible with Apple 
Lightning ports and cables. 
False. 


. What type of device would you connect a Molex cable to? 


A Molex cable is a power cable. Normally, devices such as disk drives and optical 
drives require more power than can be delivered over the data bus. Note that most 
drives actually use SATA power connectors these days. 


. Why would you install an I/O adapter card? 


To make more or different kinds of ports available (SCSI, USB, or SATA typically). 


Activity 1-4: Demonstrating PC Disassembly and Reassembly 


2. Draw a diagram showing the layout of the components you identified above. 


In the reference image, there are four DIMMs (DDR4 but the label is not legible), two of which are 
used. From top to bottom, the PCIe slots are x1, x16 (occupied by graphics adapter card), x4 (hard 
to see), and x16. There are two SATA ports on the right edge, connecting two HDDs. The card 
below them is an SSD connected to an M.2 port. There are actually two more SATA ports in the 
middle of the board, but these are obscured by the CPU heat sink—you can follow the cable back 
to the optical drive bay though. The RTC battery is just visible below the CPU, and learners should 
be able to make out the fan connections. The P1 connector is beneath the jumble of cables. Some 
of the front panel connectors on the bottom edge are easy to pick out from the cables. It isn't 
easy to identify their type, though (from left to right: audio in, USB, speaker). The connectors for 
another set of USB ports plus LED and power are beneath the cable ties. 


3. Write down any problems you might suspect with the way the system is built (for 
example, cables not connected to devices, scorch marks, excessive dust or dirt, 
and so on). 


Responses will vary depending on the systems being examined. 


6. What ports can you identify? 


USB 3 ports and plugs have blue tabs and usually an "SS" label for SuperSpeed. USB 2 ports and 
plugs are supposed to have white tabs but this is not so commonly observed. In the reference 
image, starting on the left there are two PS/2 ports (mouse and keyboard). Note that it is quite 
common for vendors to continue to include these on servers and workstations for use with KVM. 
Next to them is an RJ-45 port above two USB 2.0 ports. In the next block, there are two DP++ 
(DisplayPort) video ports and one DVI port. You haven't covered video ports yet, so don't worry if 
you can't identify the exact type. Next in the image are four USB 3 ports and finally the audio 
ports. The dedicated graphics adapter has a DVI and DP++ port. 


Activity 1-5: Discussing Peripheral Device Installation 


1. What is the likely cause of this issue? 
The appropriate keyboard layout has not been selected in Settings. 


2. What is your answer? 
Yes, you can use a Keyboard Video Mouse (KVM) switch for this purpose. 


3. Which peripheral device types or functions should she consider? 


A POS system reads the information stored on the customer's payment card or digital wallet. 
Historically, this information was stored in the card's magnetic strip. Most POS devices retain a 
magnetic reader as a backup mechanism. The majority of bank cards now also store the account 
information in an embedded chip, which can be read by inserting the card into the reader. This 
chip may also support contactless use or Near Field Communications (NFC). A customer can also 
store the card details in a smartphone and use the smartphone's NFC chip to make payments. 
Not all POS readers support contactless and it would carry a slight price premium, so your client 
should decide whether it is important to offer this payment method to her customers. 


4. What should you do before unplugging the stick? 
Use the Safely Remove Hardware icon to stop the device. 




Activity 2-1: Discussing Display Device Installation 
and Configuration 


1. What two types of display cabling can be connected to this laptop? 


The image shows a VGA port and an HDMI port (with an RJ-45 network port between 
them). The USB ports could be used for a portable monitor. 


2. Which ports are present on the graphics card shown below? 


The port on the left is DVI-I and the one on the right is DisplayPort. 


3. Which interfaces does the adapter cable shown below support? 


DVI-I (left) and HDMI. 


4. A customer is shopping for a computer game for her daughter and 
wants to know if you can explain the reference to "DirectX" on the 
packaging? 


DirectX is Microsoft's API (Application Programming Interface) for 3D and 
multimedia applications. Software such as a computer game will specify a minimum 
DirectX version. The graphics card must support this version to run the game. 
Vendors often provide support through driver updates, even for older card models. 


5. What should you configure in the Display dialog box? 
Ensure the layout of the displays in the dialog box matches their physical location. 


Activity 2-3: Discussing Display Device 
Troubleshooting 


1. Which component(s) would you prioritize for fault-finding? 


The first thing to test is the display cable. If the original cable is properly inserted at 
the computer and monitor ends, try replacing it with a known good version. If this 
does not fix the problem, inspect the ports for signs of damage. 




2. What is the most likely cause of a flickering display? 


On a CRT, flickering can occur if the refresh rate is set too low. On a TFT it could indicate a 
problem with the backlight. You should also verify that the connectors are secure and rule out 
other potential cabling problems. 


3. What would you do if the image from a projector appeared narrower at the top 
than at the bottom? 


Ensure the projector lens is lined up with the whiteboard. You might be able to adjust the lens 
position using a knob or have to move the projector. If the projector or lens cannot be 
repositioned, there may be a digital keystone correction control. 


4. Which display connector types would be suitable? 
DVI, HDMI, DisplayPort, and Thunderbolt. 


Activity 2-5: Discussing Multimedia Device Installation and 
Configuration 


1. What size and color connector would you look for to plug a basic microphone into 
a PC? 


3.5mm jack, which is often color coded pink. 


2. You have installed a new sound card in a computer designed for home 
entertainment. What type of connector would you use to connect a digital 
surround sound speaker system to the new card? 


S/PDIF—optical or coax. Coax for audio uses RCA connectors. An optical S/PDIF connector is also 
sometimes referred to as TOSLINK. Note that a lot of home entertainment setups might just 
output audio over HDMI with the signal from the graphics adapter. 


3. What type of speaker unit is the ".1" in a 5.1 or 7.1 surround sound system and 
where do you suggest this speaker be placed? 


Subwoofer for bass (low frequency) response. Start with placing it in the front of the room, but 
consider trying other locations to see where you get the best bass response for the space in 
which the surround sound system is set up. 


4. What type of interface would allow a software program running on the PC to 
operate a synthesizer connected as a peripheral device? 


MIDI (Musical Instrument Digital Interface). 


5. What sampling rate from a sound card would you require if you want to be able to 
record CD-quality sound? 


16-bit @ 44.1 KHz. 


Activity 3-1: Discussing System Memory Installation 


1. What are the principal characteristics of DRAM technology? 


Each cell in Dynamic RAM must be refreshed periodically to preserve its charge. It is high density 
and low cost. 


2. Why is Synchronous DRAM so-called? 


Because it works at the same speed as the motherboard. 


. What is the clock speed of PC2100 DDR SDRAM? 


133 MHz. 


. How many pins are there on a DIMM stick of DDR2 SDRAM? 


240 


. How can you distinguish memory slots on the motherboard? 


They have plastic clips at either end. 


. How is laptop system memory typically packaged? 


SODIMM. 


. How would you determine which slots to use? 


Check the system guide—most Intel boards would require the use of slots 1 and 3 to 
use both channels, but it's best not to proceed without consulting the vendor's 
documentation. 


. Your PC's system bus is 800 MHz. You have one 1 GB stick of PC3-12800 
installed already. You have a 1 GB stick of PC3-8500 available. Should 
you add it to the system? 


You should realize that the whole memory bus will operate at the slower speed, but 
otherwise there is no definitive answer—it does depend on how the PC is used. The 
performance benefits of more RAM probably outweigh the speed penalty in most 
circumstances, though. 


. What steps would you take to resolve this job ticket? 


First, verify that the correct memory type was installed on the system and in the 
correct configuration (consider whether dual-channel memory was installed in the 
correct slots). Check that the new memory module is seated properly in its slot. Try 
swapping memory around in the memory slots. 


Activity 3-3: Discussing Mass Storage Device 
Installation and Configuration 


. True or false? The read/write heads on an HDD require regular 
cleaning to obtain optimum performance from the disk. 
False. 


. What basic factor might you look at in selecting a high-performance 
drive? 


RPM—the speed at which it spins. Other factors to consider include the access and 
seek times, rotational latency, internal and external transfer rates, and reliability. 


. What is a S.M.A.R.T. hard disk? 


One with Self Monitoring Analysis and Reporting Technology. This means that it can 
provide status reports to diagnostic software. 


4. True or false? SATA is an interface for hard drives only. 
False. 


5. How many storage devices can be attached to a single SATA port? 
One. 


6. In what two ways could a PC be configured to use an SSD cache? 


Using a hybrid drive unit with both SSD and magnetic HDD devices or using a dual-drive 
configuration (with separate SSD / eMMC and HDD units). 


7. You are upgrading a drive. You have removed the main panel from the PC, 
disconnected the data and power cables, and removed the screws holding the 
drive to the cage, but it will not slide out. What is your next step? 


Remove the second panel and check whether there are screws on the other side. 


Activity 3-5: Discussing Removable Storage Device 
Installation and Configuration 


1. What is the primary benefit of using removable solid state storage? 


Answers will vary, but should include the portability of thumb drives and flash memory cards plus 
easier and faster rewriting compared to optical media. 


2. Which two media types allow you to write to an optical disc only once? 
CD-ROM 
CD-R 
CD+RW 
DVD+R 
DVD-RW 


3. If a CD writer is 12x8x32x, what is the maximum transfer rate when creating a 
CD-R? 
1.8 MBps (1800 KBps). 


4. True or false? DVD-RW media allows double-layer recording. 
False. Only DVD, DVD-R, or DVD+R media can be double layer. 


5. What is the transfer rate of a 10x DVD drive? 
13.21 MBps 


6. What is the capacity of a single Blu-ray dual-layer recordable disc? 
50 GB (25 GB per layer). 


7. True or false? A memory card reader is needed to attach a USB flash memory 
drive to a PC. 


False—the "drive" will plug into any USB port. 


8. Name the two main specifications for currently available memory card 
formats. 


Secure Digital (SD) and Compact Flash (CF). 


Activity 3-6: Discussing RAID Configuration 


1. If you have a computer with three hard disks, what type of RAID 
fault-tolerant configuration will make best use of them? 


RAID 5 (striping with parity); RAID 0 is not fault-tolerant and RAID 1 and RAID 10 
require an even number of disks. 


2. How much space will be available? 
360 GB. 


3. What is the minimum number of disks required to implement RAID 10 
and how much of the disks' total capacity will be available for the 
volume? 


RAID 10 requires at least four disks (two mirrored pairs) and comes with a 50% 
capacity overhead so the volume will only be half the total disk capacity. 


Activity 3-7: Discussing Storage Device 
Troubleshooting 


1. What would you suggest? 


Do not use other applications at the same time as DVD writing, make sure that the 
source files are on the local hard disk (not a removable or network drive), or try 
using a slower write speed. 


2. What should you do? 


Check the boot order in system setup is set correctly; check that the disc is not dirty 
or scratched. 


3. If you experience an error such as "BCD missing" when booting the 
computer, what action could you take? 


Use the Startup Repair tool or run bootrec /rebuildbcd. 


4. A user reports hearing noises from the hard disk—does this indicate it 
is failing and should be replaced? 


Not necessarily—hard disks do make noises but they are not all indicators of a 
problem. Question the user to find out what sort of noises are occurring or inspect 
the system yourself. 


5. What is the likely cause and how might you attempt to fix it? 


The file system is corrupt. You can try using the Startup Repair tool or run 
bootrec /fixboot to recover it without losing data. 


6. What should be your first troubleshooting step? 


Determine whether a data backup has been made. If not, try to make one. 


7. What command could you use to try to repair the error? 
bootrec /fixmbr 


8. What should you do? 


A degraded volume is still working but has lost one of its disks. In most RAID configurations, 
another disk failure would cause the volume to fail so you should add a new disk as soon as 
possible (though do note that rebuilding the array will reduce performance). 


Activity 3-8: Troubleshooting Storage Devices 


2. What is the possible cause and solution to this type of issue? 
● The hard drive is physically damaged, so the drive must be replaced. 
○ A virus has attacked the hard drive, so you can use antivirus software to mitigate the issues. 
○ Data is corrupt on the drive, and the PC has not been shut down correctly. 


3. What is the most likely cause of the problem? 


The most likely cause of this problem is a bad hard drive—some of the sectors on the hard drive 
are probably damaged. You will probably need to replace the hard drive. If you do continue to use 
the drive, monitor it closely and ensure that the user backs up file data often. 


4. What steps might you take to attempt to resolve this problem? 


You could try running the Windows error-checking option in the Tools pane of the Local Disk 
Properties dialog box. Definitely back up the data if you can get to any of it. You can try using 
other software utilities to recover the data or take the drive to a data recovery facility. 


5. What is the most likely cause of the problem? 


If it is not caused by a virus, the most likely cause of this problem is a bad hard drive, and you will 
probably need to replace it. If you do continue to use the drive, monitor it closely and ensure that 
the user backs up file data often. 


6. What steps might you take to attempt to resolve this problem? 


You should isolate the system or drive and check for viruses, because the result of some
infections looks like this problem. If you do not identify a security issue, use error checking tools,
such as Windows chkdsk, to scan the file system. Back up the data if you can get to any of it.
You can try using other software utilities to recover the data or take the drive to a data recovery
facility.


Activity 4-1: Discussing CPU Upgrades 


1. What limits upgrade potential for the system processor? 
The type of CPU socket and chipset provided on the motherboard. 


2. How can CPU performance be improved? 


Overclocking—setting the processor to run at a higher clock speed than it was designed for. 

3. Why can cache improve performance?


A CPU tends to repeat the same routines and access the same data over and over
again. If these routines are stored in fast cache RAM, they can be accessed more
quickly than instructions and data stored in system memory.


4. What does SMP mean?


Symmetric Multiprocessing—installing more than one CPU. This requires a 
motherboard with multiple CPU sockets. 


5. How is the heat sink and fan assembly attached, and what problems
can occur releasing it?


The heat sink is attached to the motherboard via a clip or push pins. There will also 
be a power connector for the fan. Clip mechanisms can be difficult to release; push 
pins are now more common and just require a half turn on each pin with a 
screwdriver to release. Another issue can arise where too much thermal paste has 
been applied, causing the heat sink to stick to the processor. 


6. What must you check when inserting a PGA CPU chip?


That pin 1 is aligned properly and that the pins on the package are aligned with the 
holes in the socket. Otherwise, you risk damaging the pins when the ZIF lever is 
lowered. 


7. What is the difference between a heat sink and a heat pipe?


A heat sink uses solid metal fins to dissipate heat through convection (often assisted
by using fans to move air across the fins). A heat pipe contains fluid that evaporates
in the area over the CPU, cools and condenses in another part of the pipe, and
then flows back to the area over the CPU to continue the cycle.


Activity 4-3: Discussing BIOS/UEFI Configuration and
Updates


1. What advantages does UEFI have over BIOS?


UEFI supports 64-bit CPU operation and better hardware support at boot. UEFI also 
allows for full GUI system utilities and mouse support plus better system startup 
security options (such as pre-OS boot authentication). 


2. Name three keys commonly used to run a PC's BIOS/UEFI system setup
program.
Esc, Del, F1, F2, F10. 


3. What widely supported boot method is missing from the following list?
HDD, FDD, Optical, USB.


Network/PXE (Pre-eXecution Environment)—obtaining boot information from a 
specially configured server over the network. 


4. Where should you launch a typical firmware upgrade utility—from
system setup or from Windows?


If the option is available, it is safer to run a firmware upgrade from the system setup 
program as it reduces the risk of some other process interfering with the update. 

5. If you want to enforce TPM system security, what other BIOS feature should you
enable?


A supervisor password to prevent the TPM keys from being accessed or cleared. 


6. True or false? Processor extensions such as VT are set by the vendor depending on 
the CPU model and cannot be enabled or disabled by the user. 


Mostly false. A feature such as VT is sometimes disabled on some low-end models, but if it is 
available as a feature of that model, the user can choose whether it is enabled or disabled. 


7. A user's computer was recently installed with a new optical drive. The user now
reports a "chassis" error message after the POST sequence. What might be the
cause?


Intrusion detection is enabled in the BIOS. 


8. When you are configuring BIOS security, what is the difference between a 
supervisor password and a user password? 


The user password allows the boot sequence to continue, while a supervisor password controls 
access to the firmware setup program. 


9. What security system allows system boot to be disabled if the computer is 
reported stolen? 


LoJack for Laptops (other tracking software suites are available). 


Activity 4-4: Discussing Power Supply Installation 


1. How would you calculate the power used by a component? 
Multiply its voltage by the current it draws (W=V*I).


2. What causes a fuse to blow—excessive voltage or excessive current? 


Excess current. 


3. What is the significance of a PSU's power output when you are designing a custom 
build PC? 


It determines the number of drives, expansion cards, and peripherals that the PC can support 
(assuming the peripherals do not have their own power supplies). 


4. Are you able to use a standard ATX12V PSU with a Mini-ITX motherboard? 


Yes (assuming it fits in the case you have chosen). 


5. You have a power supply with an 8-pin connector on it. What is this for? 


It supplies power to a PCI Express graphics card. 


6. You are connecting a new PSU. The PSU has a square 4-pin P4 cable but there is no 
square 4-pin receptacle on the motherboard. Should you leave the cable 
disconnected? 


No; it will plug into an 8-pin EPS12V receptacle near the CPU. You should check the motherboard 
documentation for advice about which pins to plug the cable into. 


7. What setting should you check before installing a PSU? 


That the voltage selector is set to the correct voltage (or if there is no selector, that the PSU is 
suitable for the voltage used by the building power). 

8. What do you think might be the cause?


You would need to open the case to investigate the problem. Perhaps when the 
upgrade was performed, one of the fan power connectors was not attached 
properly. If the PSU cabling was not secured with cable ties, it could disrupt air flow 
within the case, reducing the effectiveness of fans. There could be a fault with the 
fan on the new PSU. 


Activity 4-6: Discussing System Component 
Troubleshooting 


1. What cause might you suspect if a PC experiences intermittent 
lockups? 


Assuming the cause is not recent installation of faulty software or hardware, then 
thermal or power problems are most likely. Loose connections or faulty memory or 
CPU are also possibilities. 


2. How might you diagnose a thermal problem? 


Feel if the system is hot to touch, check temperature gauges, watch for cyclic
lockup/reboot problems.


3. What measurement would you expect from a multimeter if a fuse is 
good? 


Zero ohms. 


4. What might stop a POST from executing? 


Faulty cabling and connections, poorly-seated chips, faulty interfaces and devices, 
logic errors, faulty CPU, motherboard, or PSU. 


Activity 4-7: Diagnosing Power Problems 


1. What would you do to resolve this problem? 


Unplug the power cord. Remove the system cover. Using compressed air, remove 
the dust from around the fan spindle. Verify that there is no obvious reason the fan 
is not spinning. Replace the power cord and restart the computer. Verify that the 
computer starts properly. If these actions did not fix the problem, you would need 
to replace the power supply. Leaving the problem alone would allow heat to build 
up to dangerous levels, causing serious damage to the system. 


2. What would you do to resolve this problem? 


An odor coming from the power supply could be a sign that there is something 
wrong. Because you have just replaced the unit, verify that all the connections are 
secure and that the fan is functioning. Restart the machine and verify that the power 
supply is running as it should. Once the functionality of the unit is verified, then the odor
is probably a result of installing a new power supply unit. If the odor does not go
away in a few days, then contact the power supply manufacturer. 

4. What would you do to resolve this problem?


Verify that the power cord is securely connected to the power supply and to the electrical outlet 
on the surge protector. Verify that the surge protector is turned on and plugged in. Verify that the 
surge protector is working by plugging in a known good electrical device and turning it on. If the 
device did not turn on, check to see whether any reset buttons need to be reset on the surge 
protector, or check the electric outlet's circuit breaker. Restart the computer. If these actions did 
not solve the problem, you would need to replace the power supply. 

5. Why is it so high? 
A wrist strap must allow high voltage charges to leak from your body and clothing through the 
ground, but prevent large currents from flowing into your body and causing an electric shock. This 
is accomplished by a megaohm resistor. 


6. What does it mean if the reading is zero or over range? 


The fuse has blown and must be replaced. 


Activity 4-8: Diagnosing System Errors 
1. What initial steps should you take to identify and resolve a potential CPU 
problem? 
☐ Replace the CPU with a known-good processor.
☑ Verify that the CPU fan and other cooling systems are installed and functional.
☐ Replace the motherboard.
☑ If the CPU is overclocked, throttle it down to the manufacturer-rated clock speed.


2. All other diagnostic and corrective steps have failed. You need to verify that it is 
the CPU itself that is defective. What should you do? 


◉ Replace the CPU with a known-good chip.
○ Remove all the adapter cards.
○ Reinstall the operating system.
○ Replace the motherboard.


Activity 4-9: Discussing Custom PC Configuration 


1. Which component is likely to be a performance bottleneck on a workstation used 
to edit digital movies? 


The disk subsystem is most likely to cause the performance bottleneck. The files will be too large 
to be stored completely in system memory and so must be streamed from the disk, which will 
need to be both large and fast. 

2. For what type of workstation is a CPU with 4 or more cores particularly
well suited?


Multiple cores benefit software that can take advantage of multi-threading.
Examples include virtualization software and Rapid Application Development (RAD)
tools.


3. You are specifying a PC to act as a home theater. What multimedia
outputs should it support?


Surround sound audio outputs to the speaker system and HDMI to the TV screen. 


4. Which factors are most likely to make a PC used for gaming require
high-end cooling?


These PCs use at least two heavyweight processors: the CPU and GPU. Also, gamers 
are more likely than most other users to overclock components to improve 
performance. Overclocking requires very effective thermal management solutions. 


5. On a thin client, which component is more important: NIC or HDD?


Thin clients do not need much permanent storage at all—some can make do 
without any mass storage. They do not generate that much network traffic either 
but that said, the NIC is the more important component here. 


6. Why might high-spec components (CPU, memory, RAID) not be a good
idea in a home theater PC?


These devices need to operate as quietly as possible and using high-spec 
components means heat, heat requires cooling, cooling usually means fans, and 
fans mean noise. 


Activity 4-10: Selecting Components for Custom 
Workstations 


1. A user needs to be able to access the central employee data repository
to run reports, but does not need access to any local applications used 
to create, edit, and manage the employee data. The employee data is 
managed on a server that can be accessed with a log in. What type of 
client is best in this case? 


◉ Thin client
○ Virtualization workstation
○ Thick client


2. June has recently been put in charge of making updates to the Human
Resource employee benefits website. She will be publishing a monthly
newsletter and posting company-wide announcements, among other 
small updates and changes, on a regular basis. All changes to the 
website must be tested on a number of platforms and web browsers 
to verify that the changes are correct regardless of the operating 
system and browser. What type of client setup would you suggest for 
her? 


Answers will vary, but will most likely include a virtualization workstation so that she 
can switch from different operating systems and test any website changes quickly. 

3. In order to properly support the HR employee benefits website, a new server
running client VMs has been installed so that the environment that the 
application requires can be strictly administered by IT staff. Current PCs will be 
used to access the Client VM environment that is configured on the VM 
Server. What needs to be present at all PCs that will be accessing this new server 
and application? 


☑ Appropriately configured VM Client.
☑ Fast network connection to server hosting the VM environment.
☐ Upgrade to video cards.


4. True or False? The HR manager's client computer must meet the recommended 
requirements to run Windows 10 so that she can access and use all of the
HR-related applications used by the organization. In this case, the best client option is
a thick client. 


True 


Activity 4-11: Selecting Components for Custom Personal 
Computers 


1. What type of computer setup would you suggest for this customer? What specific 
questions might you ask this customer about additional component needs? 


Answers may vary, but will most likely include setting up a home server PC for easy file sharing 
among the household computing devices and to provide more speed to play movies from the PC. 
You may ask if they are in need of additional storage space and if they are looking for redundancy 
through a RAID array in the PC. 


2. What hardware and software requirements would you suggest for the graphic 
designer's workstation? 


Answers may vary, but will most likely include a PC with a high-end, multicore processor, a
high-end video card, and the maximum RAM that the motherboard can handle. In addition, the
motherboard should contain multiple high-speed ports for peripherals such as external hard 
drives or additional video cards. The applications will most likely include Adobe's Creative Cloud 
or similar graphic-design software. 


3. What would you check for first? 


She needs to have a TV tuner card installed in the computer. The tuner card provides the port to 
connect the cable from the provider to the computer. You would also want to verify that the tuner 
card is correctly configured, and that all device drivers are installed and up-to-date. 


Activity 5-1: Discussing Laser Printer Maintenance 


1. Why is a laser printer better suited to most office printing tasks than an inkjet? 


Laser printers are much faster, quieter, and better quality (the pages do not smear) than inkjets at 
this type of output. They also have lower running costs. 

2. What makes the power supply in a printer different to that used in a
PC?
A PC's Power Supply Unit (PSU) only needs to generate voltages up to 12 V DC. The
charging and transfer corona wires/rollers in a laser printer require much higher
voltages. To apply a 600 V charge to the drum, for instance, the corona wire must be
charged to 1000 V.


3. How is the imaging drum in a laser printer charged? 


Applying a uniform high charge to the photosensitive drum using the primary 
corona wire or roller. 


4. What is the removal of the charge from the photosensitive drum by a 
laser called? 


Laser imaging or writing. 


5. What is the process of image transfer? 


Passing paper between the photosensitive drum and the secondary or transfer 
corona wire or roller. This attracts the toner from the drum to the paper. 


6. What must you do before installing a new toner cartridge into a 
printer? 
Remove the packing strips. The printer should also be turned off, and the old 
cartridge should be removed and placed into a sealed bag for recycling. 


7. Which components are provided as part of a laser printer 
maintenance kit? 


The main component is a new fuser assembly. The kit will also usually contain a 
transfer/secondary charge roller plus paper transport rollers for each tray (pickup 
rollers and a new separation pad). 


Activity 5-2: Discussing Inkjet Printer Maintenance 


1. Which inks are typically used in the color printing process? 


Cyan, Magenta, Yellow, and Black (CMYK). Do be aware that some printers can use 
more inks. For example, a 6-color printer might add Light Cyan and Light Magenta 
inks, or Orange and Green inks (hexachrome). 


2. What two types of print heads are used by inkjet printers? 


Thermal and piezoelectric. The thermal type is also known by Canon's Bubble Jet 
trademark because of the way the print head creates an ink bubble by heating. Most 
other printer vendors use thermal technology but Epson printers use their 
piezoelectric pump-like process. 


3. What would you do? 


Try using the printer's built-in cleaning cycle, and then replacing the ink cartridge. If 
these do not work, try using an aftermarket cleaning product. Try using the printer
properties sheet to check for print head alignment, color settings, and other 
settings. 


4. Can inkjet printers use plain copy paper? 


Yes, but this type of paper will not produce the best results. It is better to use paper 
designed for inkjets. There are different grades of inkjet paper. Higher-grade paper 
allows for glossy photo printing. 

5. What is an ASF?


An AutoSheet Feeder (ASF) allows the printer to load a sheet of paper from a tray, using pickup 
rollers to move the sheet and a separation pad to make sure only a single sheet is fed at one time. 


Activity 5-3: Discussing Impact, Thermal, and 3D Printer 
Maintenance 


1. What type of printer technology is a dot matrix printer? 


It is commonly described as an impact printer. 


2. What types of paper/stationery can dot matrix printers use that laser and inkjet 
printers cannot? 


Multi-part or continuous tractor-fed stationery and carbon copy paper. 


3. Where are you most likely to encounter thermal printers?


Direct thermal printers are typically used as handheld receipt printers. There are other thermal 
printer types. For example, dye sublimation printers are often used for photo printing. 


4. What maintenance should you perform? 


Using the steps in the printer documentation, replace the ribbon in the printer and clean the print 
head. If this does not fix the problem, replace the print head. 


5. How should you resolve this problem? 


Open the printer and locate the label that came off the backing. Remove the label and if there is 
any sticky residue, clean it with isopropyl alcohol (IPA) applied to a swab. Ensure the roll of labels 
is properly loaded and that there are no loose labels that might come loose again. 


6. What do you need to create objects with an FDM-type 3D printer? 


You will need spools of filament, usually made of some type of plastic, to create 3D objects on a
print bed or build surface.


7. What considerations for locating a 3D printer do you have to make? 


The 3D print process is sensitive to movement and vibration, so the printer must be located on a
firm and stable surface. The process can also be affected by dust and the ambient temperature 
and humidity (especially variations and drafts). Finally, some printer types are fully exposed so 
there is some risk of burns from the high-heat elements. Ideally, the printer should not be 
accessible to untrained staff. 


Activity 5-4: Discussing Printer Installation and 
Configuration 


1. When you are purchasing a new printer, what would you need to decide between 
as you evaluate connections? 


Almost all new printers use USB, so the main consideration would be whether you needed 
support for a wireless or Ethernet connection. 


2. How many printer drivers must you install? 


One. Applications rely on the operating system to mediate access to devices. They do not need 
their own drivers. 

3. Should you install separate drivers for the Home and Enterprise
editions?


No—there is no difference between editions in this regard. You do need to install 
drivers for x86 (32-bit) and x64 (64-bit) versions, though. 


4. What tool can you use to confirm that basic print functionality is
available?


Print a test page by using the option in the setup wizard or on the General tab of 
the Printer Properties dialog box. 


5. What configuration setting would you change to make the unit
available for print jobs?


From Devices and Printers or Settings, select Printer Properties and then select 
the Device Settings tab. Select the Duplex Unit setting and select Installed. 


6. True or false? When you print 10 copies of an uncollated job, 10 copies
of page one are printed, followed by 10 copies of page two, then 10
copies of page three, and so on.


True. 


7. True or false? To enable printer sharing via Windows, the print device
must be connected to the Windows PC via an Ethernet or Wi-Fi link.


False—any print device can be shared via printer properties. The print device can be 
connected to the Windows print server over USB, Bluetooth, Ethernet, or Wi-Fi. 
Other clients connect to the printer via the share, however, so the Windows PC must 
be kept on to facilitate printing. 


8. What configuration information does a user need to use a print device
connected to the same local network?


The print device's IP address or host name. You might note that vendor utilities can 
search for a connected device on the local network, so "None" could also be a 
correct answer. 


9. What service should a network print device run to enable an Apple
iPad to use the device over Wi-Fi?


The Bonjour service. 


Activity 5-6: Troubleshooting Printer Issues 


1. What is the overall process for troubleshooting this issue?


Print out a test page to see if you can reproduce the problem the user reported. If 
you see the same problem as reported by the user, identify the print defect, based 
on the type of printer, to resolve the problem. Document the steps you took to 
resolve the problem. 


2. If print jobs do not appear at the printer and the queue is clear, what
could you try first to solve the problem?


Cycle the power on the printer. 


3. Where on disk is the print file spooled in Windows?


%SystemRoot%\System32\Spool\Printers. 

4. What are your next steps?


Right-click Computer and select Manage. Select Services and Applications—Services.
Right-click Print Spooler and select Restart.


5. How would you track down the source of a paper jam? 


Check the error message reported by the printer (this may be shown on the printer's console). It 
may indicate the location of the stuck pages. Otherwise, visually inspect the various feed and 
output mechanisms. 


6. What should you do if you cannot delete a job stuck in the print queue? 


Stop the print spooler service, delete the spooled file, then restart the spooler. 


7. What could be causing this? 


The paper might not be loaded squarely, there might be too much paper loaded into the tray, or 
the paper is creased or dirty. 


8. What effect does a worn photosensitive drum have on printing? 
Faint printing. 


9. What could be causing this? 


Poorly distributed toner or a damaged/worn transfer corona wire. If the secondary corona does 
not apply a charge evenly across the paper, less toner is attracted from the drum to the part of 
the sheet where charging failed. Note that if there are repetitive white or black marks (rather than 
stripes) that do not smudge, the issue is more likely to be dirt or grease on the drum. 


10. What effect does a dirty primary corona wire have on laser printing?


It leaves black stripes on the paper. If the charging corona does not apply the correct charge 
evenly to the drum, toner is attracted to the place where the charging failed, creating a black 
stripe all the way down the page. 


Activity 5-8: Discussing Imaging Device Installation and 
Configuration 


1. What type of connection interface is a scanner most likely to use? 


All modern scanners will support USB. Some might have an Ethernet network port (RJ-45) or even 
wireless (Wi-Fi and/or Bluetooth), though this is more typical of Multifunction Devices (MFD) than 
standalone scanners. 


2. What type of sensor is used to capture an image for conversion to a digital file? 
Charge Coupled Device (CCD) or Complementary Metal Oxide Semiconductor (CMOS). 


3. What is the function of OCR? 


Optical Character Recognition (OCR) software can convert a scanned image of text into a digital 
text file that can be edited in a text editor or word processor. 


4. What type of imaging input device would be most useful for a Point-of-Sale (POS) 
system? 


Barcode scanner. 


5. True or false? Any type of smartphone camera can be used to read a QR code. 


True. The smartphone just needs to capture the image of the Quick Response (QR) code and be 
installed with software to decode it. 

Activity 6-1: Discussing Wired Networks


1. Identify each type of network described here. 


The global network is a WAN. The network at each site is a LAN. The sites within a 
city comprise a MAN. 


2. Is this the best choice? 


Cat5e will meet the requirement and will cost the least. Cat6 might offer better 
performance without adding too much cost. Cat6A would be the best choice for 
supporting future requirements, but it is likely to cost more than the customer is 
budgeting for. You should also notify the customer if plenum-rated cabling will be 
required. 


3. What is the significance of network cabling marked "CMP/MMP"? 


The cable is plenum cable, rated for use in plenum spaces (building voids used with 
HVAC systems). 


4. Which networking tool might help you? 


A punch down tool. Remember that punch down tools are used to terminate solid 
core cabling to Insulation Displacement Connector (IDC) blocks in patch panels and 
wall plates, while crimpers are used to attach RJ-45 jacks to stranded patch cord 
cabling.


5. What type of tool provides comprehensive information about the 
properties of a network cable installation? 


A cable certifier. 


6. What features of fiber optic cable make it more suitable for WANs 
than copper cabling? 


It suffers less attenuation (and therefore longer range) and is immune to EMI and 
eavesdropping. 


7. What types of connector are often used with coaxial cable? 


BNC connectors and F-connectors. 


Activity 6-2: Discussing Network Hardware Devices 


1. What is a MAC address? 


A unique 48-bit identifier coded into every network interface. This is also referred to 
as the physical or hardware address. A MAC address is expressed as 12 hex digits, 
usually with colon or hyphen delimiters between each byte value. For example: 
aa:bb:cc:00:11:22. Each hex digit expresses a 4-bit value using the characters 0 to 9 
plus A, B, C, D, E, and F. 


2. What feature(s) should you check when ordering an Ethernet network 
card? 


That it supports the correct speed (for example, Gigabit or 10GbE) and media
type/connector (for example, RJ-45 for copper cabling or LC for fiber optic).

3. Can this device be usefully deployed on a modern network?


No. Hubs support only half duplex mode and limited speed. There could be very specific 
circumstances in which you need to deploy a hub (to support some sort of legacy server 
equipment, for instance) but in general terms, using a hub along with modern switches and 
network adapters is likely to cause configuration errors and performance problems. 


4. What are the arguments for and against proceeding? 


As it requires no configuration, an unmanaged switch should be simpler (and cheaper) to deploy. 
An unmanaged switch will not support configuration features such as Virtual LANs (VLANs), but 
these would not be required on such a small network. A managed switch would support a remote 
configuration and monitoring interface and security features that might be useful, however. You 
might also mention traffic prioritization as a good reason to deploy a managed switch (though the 
scenario does not specify supporting VoIP handsets). 


5. Can you explain the difference and identify which technology the customer 
needs? 


The customer needs a switch supporting Power over Ethernet (PoE). This means that the switch 
sends power over the data cabling and RJ-45 port to the device. Ethernet over Power (or 
Powerline) is a means of networking devices by using building power outlets and circuits, rather 
than data cabling. 


Activity 6-3: Discussing Wireless Networks 


1. What is the maximum transfer rate of an 802.11g Wi-Fi adapter? 
54 Mbps. 


2. Why are 2.4 GHz networks more susceptible to interference than 5 GHz networks? 


Each channel in a 2.4 GHz network is only 5 MHz wide while Wi-Fi requires about 20 MHz. 
Consequently, there is not much "space" for separate networks and the chances of overlap are 
high. There are also numerous other product types that work in the 2.4 GHz band. 


3. How does 802.11n achieve greater speeds than previous Wi-Fi standards? 


Largely through using multiple reception and transmission antennas (MIMO) and channel 
bonding. 


4. Can 802.11ac achieve higher throughput by multiplexing the signals from both 2.4 
and 5 GHz frequency bands? Why or why not? 


No, because 802.11ac works only at 5 GHz. 


5. Why might a wireless mesh network topology be used? 


Each station in a wireless mesh can be made capable of discovering other nodes on the network 
and forwarding traffic. This can be used to create a network that covers a wide area without 
deploying numerous access points or extenders. 

Activity 6-4: Discussing Internet Connection Types


1. If you have remote employees who need to connect to the corporate
network but they are located in a remote area with no access to
high-speed Internet service, what do you think is the best Internet
connection method to use?


Satellite is the most likely option. A dial-up link is unlikely to provide sufficient 
bandwidth for a remote access VPN. In some cases, tethering to a cell phone or 
connecting to a wireless network device is an option, but this will depend on how 
remote the employees' location is and if they can get a strong cellular signal. 


2. True or false? Analog modems are required for dial-up and ISDN
Internet access services.
False. Dial-up uses an analog modem but Integrated Services Digital Network (ISDN)
uses digital not analog transmissions. The link is created via an adapter called an
NT1. This may loosely be referred to as an "ISDN modem," but it is not an analog
modem.


3. What type of SOHO Internet access method offers the best bandwidth? 


Fiber to the Premises is the best, but it is not always available. Fiber to the Curb and 
Hybrid Fiber Coax (cable) are the best options for the majority of residential 
subscribers. 


4. Which protocol enables a dial-up user to exchange frames of data with 
an ISP's access server? 


Point-to-Point Protocol (PPP). 


5. What type of cabling is used with the WAN port of a cable modem? 


Coax. 


6. What Internet access method would be suitable for a business 
requiring a high bandwidth connection where no cabled options exist? 


Line-of-sight microwave radio from a Wireless Internet Service Provider (WISP). 


Activity 6-5: Discussing Network Configuration 
Concepts 


1. What is the difference between a router and a modem? 


A router is a device that can forward traffic between different logical networks. 
These networks might use different media and different ways of transporting 
frames across links. In an Ethernet network, a host interfaces with the local network 
(LAN) using a network adapter. When a link is point-to-point, using media such as a 
telephone line, a modem is used to convert the signals that can be carried over the 
media from the LAN format to the WAN format. Where a router is connected to such 
links, it may be installed with a modem, but the functions of the devices are 
separate. The modem makes a physical network link with the ISP network, 
functioning at the same level as a switch. The router can make decisions about 
forwarding between logical networks. 


2. What are those four layers called? 


Link/Network Interface, Internet, Transport, and Application. 


3. What is meant by dotted decimal notation? 


An IPv4 address is a 32-bit number expressed as four octets (bytes). A byte can be expressed as 
the decimal values 0 to 255, and these are used to represent the IP address, with dots between 
each decimal number. This scheme is easier for people to read than a binary number and reduces 
configuration errors. 


4. When is a default gateway required? 


When a host needs to communicate with hosts located outside its own IP network. 


5. What is the host's subnet mask? 


255.255.255.0. 


6. What is the purpose of a DHCP server? 


A Dynamic Host Configuration Protocol (DHCP) server automatically allocates a TCP/IP 
configuration (IP address, subnet mask, default gateway, and DNS servers) to hosts when they 
join the network. 


7. What is special about an IP address that starts 169.254? 


It is an APIPA address—that is, one automatically selected if the interface is configured to use 
DHCP but cannot contact a DHCP server. 


8. What is significant about this address? 


It is a private address and cannot be reached directly over the Internet. The host must use a 
router with address translation or a proxy service to communicate on the Internet. 


9. What is the function of NAT? 


Network Address Translation (NAT) enables a router to map private network IP addresses onto a 
public IP address. Private addressing keeps the local network more secure and reduces the 
demand for unique IP addresses. 


10. Apart from its length, what is the main difference between the structure of an 
IPv4 address and an IPv6 address? 


Both types of IP address identify a host within a specific logical network. In an IPv4 address, the 
network ID portion is determined by applying a mask to the whole address. In an IPv6 address, 
the host portion is always the last 64 bits of the address. The first 64 bits are used with network 
prefixes to identify networks and subnetworks. 
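

The addressing answers in this activity (dotted decimal notation, the subnet mask, when a default gateway is required, APIPA, and private addresses) can be worked through in code. The following Python is an added example, not part of the course material; the function names and sample addresses are constructed for illustration.

```python
import ipaddress

# RFC 1918 private ranges and the APIPA (link-local) range from the answers above.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
APIPA_NET = ipaddress.ip_network("169.254.0.0/16")


def dotted_to_int(addr: str) -> int:
    """Turn dotted decimal notation back into the 32-bit number it represents."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"expected four octets: {addr!r}")
    value = 0
    for octet in octets:
        if not octet.isdigit() or int(octet) > 255:
            raise ValueError(f"octet must be 0-255: {octet!r}")
        value = (value << 8) | int(octet)   # each octet is one byte of the address
    return value


def network_id(addr: str, mask: str) -> int:
    """Apply the subnet mask to the whole address to get the network ID."""
    return dotted_to_int(addr) & dotted_to_int(mask)


def needs_default_gateway(host: str, mask: str, destination: str) -> bool:
    """True when the destination is outside the host's own IP network."""
    return network_id(host, mask) != network_id(destination, mask)


def classify(addr: str) -> str:
    """Label an IPv4 address the way a technician would read it in ipconfig output."""
    ip = ipaddress.IPv4Address(addr)
    if ip in APIPA_NET:
        return "apipa"        # DHCP was expected but no server answered
    if any(ip in net for net in PRIVATE_NETS):
        return "private"      # needs NAT or a proxy to reach the Internet
    if ip.is_global:
        return "public"
    return "special-use"      # loopback, documentation ranges, and so on


if __name__ == "__main__":
    host, mask = "192.168.1.10", "255.255.255.0"   # constructed sample host
    for dest in ("192.168.1.77", "192.168.2.77", "8.8.8.8"):
        route = "default gateway" if needs_default_gateway(host, mask, dest) else "local delivery"
        print(f"{host} -> {dest}: {route}")
    for addr in (host, "169.254.10.20", "8.8.8.8"):
        print(f"{addr}: {classify(addr)}")
```
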


Activity 6-6: Discussing Network Services 


1. If a network application cannot tolerate a missing packet, what type of transport 
protocol should it use? 


Transmission Control Protocol (TCP). 


2. True or false? Protocols that stream video and audio over the Internet are likely 
to be based on UDP. 


True. UDP carries less overhead compared to Transmission Control Protocol (TCP), so is better 
suited to playing media files where small glitches due to lost packets are less of a problem than 
the whole video freezing. 


3. What is DNS? 


Domain Name System—servers that map host and domain names to IP addresses. 


4. What configuration parameter must be entered to enable a client to 
use DNS? 


The IP address of a DNS server on the local network or network reachable by the 
client. 


5. True or false? An HTTP application secured using the SSL/TLS protocol 
should use a different port to unencrypted HTTP. 


True. By default HTTPS uses port 443. It is possible in theory to apply SSL/TLS to port 
80 but most browsers would not support this configuration. 


6. What protocol would a mail client use to access the message store on 
a remote mail server? 


Typically Post Office Protocol (POP3) or Internet Message Access Protocol (IMAP). A 
proprietary protocol such as MAPI (Microsoft Exchange) might also be used. 


7. If you want to configure a firewall on the mail server to allow clients to 
download email messages, which port(s) might you have to open? 


Either TCP port 993 (IMAPS) or 995 (POP3S), depending on the mail access protocol 
in use (IMAP or POP). These are the default ports for secure connections. Unsecure 
default ports are TCP port 143 and TCP port 110. Port 25 (SMTP) is used to send mail 
between servers, not to access messages stored on a server. Port 587 is often used 
by a client to submit messages for delivery by an SMTP server. 


8. What file sharing protocol(s) could you use to allow access to Windows, 
Linux, and Apple macOS clients? 


Most clients should support Server Message Block (SMB)/Common Internet File 
System (CIFS). You might want to configure Apple Filing Protocol to support older 
macOS clients. Another option is to configure File Transfer Protocol (FTP). 


9. What is the difference between SNMP and syslog? 


The Simple Network Management Protocol (SNMP) provides a means for devices to 
report statistics to a management server. Syslog provides a means for devices to 
send log entries to a remote server. 


10. What are the principal types and configuration options? 


A network Intrusion Detection System (IDS) scans packet contents for signs of traffic 
that could violate security policies. An Intrusion Protection System (IPS) can effect 
some sort of action to block such traffic. An IPS is usually provisioned as a Unified 
Threat Management (UTM) appliance to include firewall, anti-malware, and other 
security functionality. Appliances with blocking functionality are typically deployed 
inline with the network, so that all traffic passes through the appliance. Alternatively, 
a tap or sensor can be attached to the network so that traffic is copied for the 
appliance to read. 


Activity 7-1: Discussing Network Connection 
Configuration Settings 


1. What steps do you need to follow? 


Open Device Manager and the adapter's Property sheet. Select the Advanced tab 
and select the Duplex property (or Speed and Duplex). Change the value as 
required, and select OK. 


2. True or false? If you want a computer to be available through Wake-on-LAN, you 
can disconnect it from the power supply but must leave it connected to the 
network data port. 


False. The network adapter must be connected to standby power, and the computer could not 
start anyway if it were disconnected from the power supply. 


3. Why is this? 


It has been configured with an Alternate Configuration static IP address. 


4. Why are IP addresses entered under DNS, and why should there be two of them? 


These are the IP addresses of DNS servers that will process client requests to resolve host and 
domain names to IP addresses. DNS is a critical service on Windows networks and on the Internet, 
so a second server should always be specified for redundancy. 


5. What parameters do you need to specify to connect to a VPN? 


Assuming you have a remote host topology, you need to establish a connection to a server over a 
public network such as the Internet. The VPN server then facilitates a connection to a local 
network. You need to specify the location of the VPN server as an IP address or Fully Qualified 
Domain Name (FQDN). If the VPN type is not detected automatically, you might need to configure 
extra settings or use third-party VPN client software. To connect to the VPN, the user must submit 
credentials, such as a user name and password. 


Activity 7-3: Discussing SOHO Network Installation and 
Configuration 


1. What type of cable and connectors are used to connect a modem to a phone port? 


Twisted pair with RJ-11 connectors. In the UK, the phone port might use a BT-style connector 
though. 


2. What is the function of a microfilter? 


It screens noise from data signals on jacks for voice or fax devices if DSL equipment is connected. 


3. To configure a router/modem, what type of IP interface configuration should you 
apply to the computer you are using to access the device administration web app? 


Set the adapter to obtain an IP address automatically. The router/modem will be running a 
Dynamic Host Configuration Protocol (DHCP) server that will allocate an appropriate IP address 
and DNS server. 


4. What is the effect of reducing transmit power when you are configuring an access 
point? 


It reduces the supported range of the access point. You might do this to prevent interference 
between two access points in close proximity. You might also reduce power to prevent the 
network being accessible outside a particular area (such as making the network accessible to 
indoor users only). 


5. Which standard represents the best available wireless network security? 


Wi-Fi Protected Access version 2 (WPA2). It is also worth noting that this can be configured in 
personal mode (using a passphrase shared between all users) or enterprise mode. Enterprise 
mode is more secure. Each user connects with his or her network credential, which is validated by 
an authentication server (typically RADIUS). 


6. How can QoS improve performance for SOHO Internet access? 


A Quality of Service (QoS) mechanism allows you to elevate certain types of traffic to 
a higher priority to be processed by the router/modem. For example, you could 
create a rule reserving 80% of bandwidth for a Voice over IP (VoIP) protocol. This 
means that whenever the VoIP application is active, other protocols can use only 
20% of the router's link bandwidth, making it less likely that ordinary file downloads 
or web browsing will interfere with a call. 


Activity 7-5: Discussing SOHO Network Security 


1. True or false? A firewall can be configured to block hosts with selected 
IP address ranges from connecting to a particular TCP port on a server 
that is available to hosts in other IP address ranges. 


True. A firewall's access control entry ruleset can combine any supported criteria. 


2. What sort of configuration options are available to apply parental 
controls, as opposed to packet filtering via a firewall? 


You can set restrictions to block access at times of the day or night. You can blacklist 
web addresses (URLs), optionally on the basis of site rating schemes. You may also 
be able to block access on the basis of keyword filtering. 


3. What security method could you use to allow only specific hosts to 
connect to a SOHO router/modem? 


You could configure a whitelist of permitted Media Access Control (MAC) addresses. 


4. How would you enable access? 


Configure port forwarding on the router to send incoming connections on port 21 to 
the LAN computer. 


5. What feature on the router will simplify configuration of online 
multiplayer gaming? 


Universal Plug and Play (UPnP). 


6. True or false? To allow a PC game to accept incoming connections over 
a custom port you need to configure the Advanced Security Firewall. 


False. You can allow a process to connect via the basic firewall interface. 


7. What option on the General tab of the Internet Options dialog box is 
most relevant to user privacy? 


Delete browsing history. 


8. How would you configure a Windows 7 computer to use a proxy server 
for web browsing? 


Open the Internet Options dialog box, and select the Connections tab. Select LAN 
Settings and enter the address of the proxy. 


Activity 7-6: Discussing Remote Access Configuration 


1. Which edition(s) of Windows support connecting to the local machine over 
Remote Desktop? 


The Remote Desktop server functionality is available in Professional, Enterprise, and Ultimate 
editions. 


2. What is the goal of RDP Restricted Admin (RDPRA) Mode and Remote Credential 
Guard? 


If the local machine is compromised, malware may be able to obtain the credentials of a user 
account connecting to the machine over Remote Desktop. RDPRA Mode and Remote Credential 
Guard are designed to mitigate this risk. 


3. True or false? SSH is not available for use with Windows. 


False. Support for an SSH client and server is being included in feature updates to Windows 10, 
and there are numerous commercial and open source products. 


4. How can you confirm that you are connecting to a legitimate SSH server? 


The server displays its host key on connection. You need to keep a record of valid host keys and 
compare the key presented by the server to the record you have. 
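

One way to carry out the comparison described in the answer to question 4 is to store each server's key in a known_hosts-style record and compare fingerprints on every connection. The following Python is an added example, not part of the course material; the host name, address, key blobs, and function names are constructed for illustration, and the fingerprint is the SHA-256 form that OpenSSH displays.

```python
import base64
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """Length-prefixed field, as used inside SSH public key blobs."""
    return struct.pack(">I", len(data)) + data


def make_sample_key(seed: int) -> str:
    """CONSTRUCTED sample shaped like an ssh-ed25519 public key (not a real server key)."""
    raw = bytes((seed + i) % 256 for i in range(32))
    return base64.b64encode(ssh_string(b"ssh-ed25519") + ssh_string(raw)).decode()


def fingerprint(key_b64: str) -> str:
    """SHA-256 fingerprint of a public key blob: 'SHA256:' plus unpadded base64."""
    blob = base64.b64decode(key_b64, validate=True)
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def load_record(known_hosts_text: str) -> dict:
    """Build {(host, key type): fingerprint} from known_hosts-style lines."""
    record = {}
    for line in known_hosts_text.splitlines():
        line = line.strip()
        # Skip blanks, comments, and marker lines (@revoked, @cert-authority),
        # which do not mean "this key is trusted for this host".
        if not line or line.startswith(("#", "@")):
            continue
        fields = line.split()
        if len(fields) < 3:
            continue
        hosts, keytype, key_b64 = fields[:3]
        # Hashed host entries (|1|...) are stored as-is and will never match a
        # plain host name, so they fall through to "unknown" below.
        for host in hosts.split(","):
            record[(host, keytype)] = fingerprint(key_b64)
    return record


def check_host_key(record: dict, host: str, keytype: str, presented_b64: str) -> str:
    """Compare the key a server presents against the record for that host."""
    expected = record.get((host, keytype))
    if expected is None:
        return "unknown"      # no record: verify the key out of band before trusting it
    if fingerprint(presented_b64) == expected:
        return "match"
    return "mismatch"         # key changed: stop and investigate before connecting


# Constructed sample data.
GOOD_KEY = make_sample_key(1)
OTHER_KEY = make_sample_key(2)
KNOWN_HOSTS = (
    "# constructed record of valid host keys\n"
    f"fileserver.example.com,192.0.2.10 ssh-ed25519 {GOOD_KEY}\n"
)
RECORD = load_record(KNOWN_HOSTS)

if __name__ == "__main__":
    print(fingerprint(GOOD_KEY))
    print(check_host_key(RECORD, "fileserver.example.com", "ssh-ed25519", GOOD_KEY))
    print(check_host_key(RECORD, "fileserver.example.com", "ssh-ed25519", OTHER_KEY))
    print(check_host_key(RECORD, "other.example.com", "ssh-ed25519", GOOD_KEY))
```
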


Activity 7-7: Discussing Network Connection 
Troubleshooting 


1. What would you suspect the problem to be? 


The computer's wireless adapter is not supported by the AP, the computer is not in range, or 
there is some sort of interference. 


2. What readings would you expect to gather with a Wi-Fi analyzer? 


The signal strength of different Wi-Fi networks and their channels within range of the analyzer. 


3. What command would you use to refresh the IP configuration on Windows 7 client 
workstations? 


ipconfig /renew 


4. What command can you use on a Linux computer to report the IP configuration? 


Historically, this could be reported using the ifconfig tool. The ip command is now 
preferred. 


5. Where would you start troubleshooting? 


You could test the PC's IP configuration, specifically the default gateway or name resolution, or 
you could check that the cable is good. 


6. What does this tell you? 


If a DHCP server cannot be contacted, the machine should default to using an APIPA address 
(169.254.x.y). As it has not done this, something is wrong with the networking software installed 
on the machine (probably the DHCP client service, TCP/IP stack, or registry configuration, to be 
specific). 


7. If a host has a firewall configured to block outgoing ICMP traffic, what 
result would you expect from pinging the host (assuming that the path 
to the host is otherwise OK)? 


Destination unreachable. 


8. What Windows tool is used to test the end-to-end path between two IP 
hosts on different IP networks? 


tracert 


9. Which command produces the output shown in this graphic? 


This is output from netstat. Specifically, it is netstat -ano. The switches 
show all connections, with ports in numeric format, and the PID of the process that 
opened the port. 

Command output exhibit. (Screenshot used with permission from Microsoft.) 


Activity 7-9: Discussing IoT Devices 


1. What type of network topology is used by protocols such as Zigbee and 
Z-Wave? 


A wireless mesh network topology. 


2. What types of home automation device might require specialist 
installer training? 


A device such as a thermostat has to be wired safely and correctly to the heating 
controls, door locks must be fitted securely by a joiner or carpenter, and even a 
security camera would be better fitted by someone with the skills to evaluate the 
best placement. While a homeowner might attempt these as DIY jobs, a service or 
support company should not allow untrained staff to attempt this type of 
installation. 


3. What are the two main options for operating smart devices? 


Using a smartphone/tablet app, or using a voice-enabled smart speaker. Some 
devices might also support configuration via a web app. 


4. True or false? Voice processing by a smart speaker is performed 
internally so these devices can be used without an Internet 
connection. 


False. The speaker passes the voice data to a backend server for processing. 


Activity 8-1: Discussing Laptop Features 


1. What feature would you expect to find on a modern touchpad, 
compared to older models? 


Support for multi-touch. 


2. True or false? Touchpad settings would be configured via the Touch 
applet in Windows Control Panel. 


False—the touchpad is configured via tabs in the Mouse applet. 


3. What two display settings would you expect to be able to control via a laptop's Fn 
keys? 


Screen brightness, and toggling the output between the built-in screen and external display. 


4. What device would you use to extend the functionality of a laptop while sitting at 
a desk? 


A docking station is used to extend functionality (allowing use of additional drives or adapters) but 
you could also mention a port replicator, which extends the number of connectivity options. 


5. What connectivity issue is resolved by providing a USB-to-RJ-45 dongle? 


Ethernet/wired network connectivity. 


6. What is the brand name of the standard cable lock security system for laptops? 


Kensington. 


Activity 8-2: Discussing Laptop Hardware Installation and 
Configuration 


1. What is the process for installing memory in a laptop? 


Verify that the DDR version of the upgrade module is supported by the motherboard. Take anti- 
static precautions. Locate the memory slot, which is usually accessed via a panel on the back 
cover. Move the connector up to 45° and insert the memory card, taking care to align it correctly. 
Push the card flat again. 


2. What type of standard adapter card might be used to connect internal FRU 
devices to the motherboard of a laptop? 


Mini-PCIe, mSATA, or M.2. 


3. What distinguishes a magnetic hard drive designed for a laptop from one 
designed for a PC? 


Laptop drives are 2.5" (or sometimes 1.8"), rather than 3.5". They also tend to be slower (5,400 
rpm, rather than 7,200 or 10,000 rpm) and lower capacity. The largest at the time of writing is 5 
TB, so this may not be a limiting factor in practice. 


4. Is this something you can easily repair? 


Typically, the processor, the DC jack, and USB ports are attached directly on the board and cannot 
be replaced without replacing the whole laptop motherboard. If the other USB ports are 
functional, a USB hub could provide additional ports. 


5. Which items are most easily replaced in a laptop? 


The fixed drive, system memory (RAM), and plug-in wireless card will be the easiest upgradable 
components to install. If items need repairing, fans, the screen, the battery, touchpad, and the 
keyboard should be straightforward to replace, if you can obtain compatible parts. 


Activity 8-4: Troubleshooting Common Laptop Issues 


1. If the laptop can display an image on an external monitor but not the 
built-in one, which component do you know is working, and can you 
definitively say which is faulty? 


The graphics adapter is working. The problem must exist either in the cabling to the 
built-in screen or with a screen component, such as an inverter, backlight, or the 
display panel itself. Further tests will be required to identify which (though it may be 
quicker to replace the whole screen assembly). 


2. What actions should you take in response to this issue? 


Overheating can be a sign that dust and dirt is restricting the necessary airflow 
within the device, so start by cleaning the ventilation duct with compressed air, and 
then make sure that the device is getting proper air circulation around the outside 
of the case. 


3. What would you suggest is the problem? 


The batteries in the keyboard have run down—replace them. 


4. What could be the cause? 


The laptop could be using reduced performance settings to conserve battery life. 


5. What do you suggest? 


Batteries lose maximum charge over time. It may be possible to recondition the 
battery or to use power saving features, but the only real way to restore maximum 
battery life is to buy a new battery. 


6. What might be the cause of this? 


The user could be touching the touchpad while typing, or vibrations could be 
affecting the touchpad. Update the driver, or reduce the sensitivity/disable touch 
and tap events. 


Activity 9-1: Discussing Mobile Device Types 


1. What are the principal characteristics of the phablet form factor? 


A phablet is essentially a smartphone with a screen size of more than approximately 
5.5" but less than about 7". Phablets can make voice calls and use cellular data, 
while many tablets are limited to Wi-Fi connectivity. 


2. What is the relevance of ARM to smartphones? 


Advanced RISC Machines (ARM) produce the CPU designs most widely used in 
smartphones. 


3. True or false? Smartphones use a type of memory technology that 
works both as system memory and as persistent storage. 


False—like PCs, smartphones use a variant of DDR for system memory. This is 
volatile storage so a flash memory device is used for persistent storage. 


4. What is meant by wearable technology? 


Wearable technology is devices that the user doesn't need to hold (as they are affixed to the 
wearer via a band or clip) to provide uninterrupted interaction between computer and network 
systems and the user. Examples include Virtual Reality (VR) headsets, smartwatches (such as 
Apple's iWatch), and fitness monitors like FitBit. 


5. What technology gives an e-Reader better battery life than a tablet? 


The e-Ink display works without backlighting, producing little to no heat through resistance and 
better energy efficiency. 


Activity 9-2: Discussing Mobile Device Accessory Connection 
and Configuration 


1. What type of peripheral port would you expect to find on a current generation 
smartphone? 


For Apple devices, the Lightning port. For Android and Windows, it will be USB—either Micro Type 
B or Type-C. 


2. How would you upgrade storage capacity on a typical smartphone? 


If the smartphone supports removable flash cards such as Micro-SD, you can add a larger card. 
Otherwise, the components in these devices are not field replaceable, so there are no upgrade 
options. 


3. What technology do smartphones use to facilitate payment at points of sale? 


Near Field Communications (NFC) allows the user to touch a receiver for the phone to pass card 
data to a point of sale terminal. 


4. True or false? An IP67-rated smartwatch could be considered risk-free for wear 
while swimming in an indoor pool. 


False—IP67 rates immersion up to 1 m (for up to 30 minutes), so wearing a device while 
swimming would be a significant risk. 


Activity 9-3: Discussing Mobile Device Network Connectivity 
Configuration 


1. Why would a user be likely to disable cellular data access but leave Wi-Fi enabled? 


To avoid data charges (especially when using the device abroad). 


2. What is tethering? 


Tethering is the use of a smartphone as an Internet connectivity hub. It can share its Internet 
connection with a computer via either a cable, Bluetooth, or Wi-Fi. 


3. What serial number uniquely identifies a particular handset? 


International Mobile Station Equipment Identity (IMEI) for handsets from GSM providers or Mobile 
Equipment ID (MEID) from CDMA providers. 


4. What is the function of a smartphone's baseband processor? 


The baseband system is usually dedicated to providing radio modem functions, acting as an 
interface with the cell tower, access point, or other radio source to transmit signals. 


5. How do you configure an autodiscover-enabled email provider on a 
smartphone? 


Just select the provider then enter the email address. If the account is detected, you 
will be prompted for the password. 


6. True or false? S/MIME is used to configure a secure connection to a 
mailbox server, so that your password cannot be intercepted when 
connecting over an open access point. 


False—S/MIME is for encrypting messages. SSL/TLS is used to secure connections. 


Activity 9-5: Discussing Mobile App Support 


1. Why must a vendor account usually be configured on a smartphone? 


A vendor account, such as an Apple, Google, or Samsung account, is required to use 
the app store. 


2. What is sideloading? 


Installing a mobile app without going through the app store. Android supports 
sideloading through the APK package format. Sideloading is not officially supported 
on iOS devices. 


3. Which types of data might require mapping between fields when 
syncing between applications? 


Contacts and calendar items. 


4. What software is used to synchronize data files between an iOS device 
and a PC and what connection methods can it use? 


iTunes. It can work over USB (with a USB-to-Apple cable) or Wi-Fi. 


5. How might an app register users without implementing its own 
authentication process? 


Through federated identity management, or as the user sees it, a "Sign in with..." 
feature. If the user's sign-in with the identity service (Google or Facebook, for 
example) is cached on the device, this will enable Single Sign On (SSO) with 
supported apps. This could also be referred to as mutual authentication, of a kind 
(the app and the sign-in provider must authorize one another). 


Activity 9-6: Discussing Mobile Device Security 


1. How can the use of mobile devices by employees affect the security of 
an organization as a whole? 


Mobile devices can function much like regular computers; therefore, when they are 
used to send and receive corporate emails and to access systems and data within 
the corporate network, they are a vulnerability. If a mobile device is lost or stolen, it 
could be used to access sensitive data or launch attacks. Mobile devices should be 
secured just as any other system on the corporate network. 


2. What two types of biometric authentication mechanism are supported 
on smartphones? 


Fingerprint recognition and facial recognition. 


3. What might a locator application be used for? 


To identify the location of a stolen phone (or, perhaps, members of one's family) and to provide 
localized services (movies, restaurants, etc). 


4. What technology mitigates against an online account being accessed from an 
unknown device? 


Two-step verification—the site sends a code to a registered phone or alternative email address, 
prompting the user to verify the validity of the device. 


5. What is MDM? 


Mobile Device Management (MDM) is a class of management software designed to apply security 
policies to the use of smartphones and tablets in the enterprise. 


6. True or false? Updates are not necessary for iOS devices because the OS is closed 
source. 


False—closed source just means that the vendor controls development of the OS. It is still subject 
to updates to fix problems and introduce new features. 


Activity 9-7: Troubleshooting Mobile Device Issues 


1. True or false? A factory reset preserves the user's personal data. 


False. Restoring to factory settings means removing all user data and settings. 


2. What is the first step to take when an app no longer loads? 


Try restarting the device. If that does not work, uninstall and then reinstall the app. 


3. What should you do? 


There are a couple of issues that can cause Bluetooth connectivity problems. First, check whether 
the device batteries need replacing. Another possibility is that the tablet might need a system 
update. Finally, the devices might not have been set to discoverable mode. For security purposes, 
only enable discovery mode on your mobile device when you want a Bluetooth device to find your 
device; otherwise, keep that setting disabled. The Bluetooth settings must be configured to allow 
devices to connect to the mobile device. This is also referred to as pairing. 


4. What questions should you ask, and what steps might you take to resolve the 
issue? 


You should ask if the touch screen is greasy, wet, or dirty. If it needs cleaning, remind the user to 
use only a soft cloth moistened with eye glass cleaner to gently wipe the screen. If cleaning is not 
an issue, ask if it appears to be scratched, cracked, or otherwise damaged. If so, make 
arrangements to have the touch screen replaced. If there is no visible damage, recalibrate the 
screen for the user, and check for updates. 


5. What is a Wi-Fi Analyzer used for? 


A Wi-Fi Analyzer is used to check connectivity issues with wireless. It can check for less congested 
channels. 


6. What are the causes of severe battery drain? 


The display, radio, and CPU are the components that draw the most power. If an app is 
overutilizing these resources, it could be faulty, badly written, or this could be a sign of malware 
activity. 


Activity 10-1: Discussing Client-Side Virtualization 
Configuration 


1. What is a Type 2 hypervisor? 


Hypervisor software that must be installed to a host OS. A Type 1 (or bare metal) 
hypervisor is installed directly on the host PC. 


2. What is a guest OS? 


An OS installed on a virtual machine running within the virtual environment. 


3. What system resources are most important on a system designed to 
host multiple virtual machines? 


The CPU must support virtualization extensions (and ideally be multi-processor or 
multicore), and there must be plenty of system memory and disk space. 


4. What might you need to install to a guest OS to make full use of a 
hypervisor's features? 


The drivers for the emulated hardware (often referred to as extensions, 
additions, or integration components). 


5. True or false? VMs can be networked together by using a virtual 
switch, which is implemented in software by the hypervisor. 


True. 


6. If users have access to virtualization tools, what network security 
controls might be required? 


A VM needs to be subject to network access control and authorization, like any 
physical computer device. The VMs need to be checked to ensure they are not 
running malware, for instance. 


7. If you are using a normal antivirus product to protect a VM from 
malware, should you install the A-V product on the host to scan the 
VM disk image or on the VM itself? 


On the VM. The A-V software will not be able to scan the disk image for malware and 
may lock the file and cause performance problems while trying to perform the scan. 


Activity 10-2: Discussing Cloud Computing Concepts 


1. How do the five components of cloud computing defined by the NIST 
work together to provide users with cloud computing services? 


Resource allocation is provided through rapid elasticity and resource pooling. 
Resource allocation is requested through on-demand self-service. Broad network 
access makes the resources available to the user. Measured service enables the 
provider to meter customer usage and bill the customer accordingly. 


2. Which type of cloud would your organization be likely to use? 


Answers will vary. Depending on how much control you need over the storage or 
services provided through the cloud, you might select a private cloud solution as the 
most secure, and a community cloud solution as the least secure. 


3. What type of service should the provider run to enable these features? 


A measured service with the resources to cope with changing demands. 


4. How would such a cloud solution be classed? 


Offsite hosted private. 


5. What type of infrastructure is being deployed? 


Virtual Desktop Infrastructure (VDI). 


Activity 11-1: Discussing OS Types 


1. What should you advise? 


Users often need assistance when an OS version changes the desktop style or user interface. In 
Windows 10, the Start Menu and the All Programs submenu have been replaced by the Start 
Screen. The user can scroll in the Start Screen or use Instant Search to find any app. To use 
Instant Search, press the Windows key and type the app name. 


2. In terms of system hardware, what is the main advantage of a 64-bit version of 
Windows? 


Support for more than 4 GB RAM. 


3. Why might you suggest licenses for an edition of Windows 10 that supports 
corporate needs for the new computer and has upgrades for the old computers? 
Which specific edition(s) could you recommend? 


Without a domain, accounts must be configured on each computer individually. With over 30 
computers to manage at two locations, this would be a substantial task so switching to a domain 
network, where the accounts can be configured on the server, is likely to save costs in the long 
term. The BranchCache feature would also allow computers at the second office to minimize 
bandwidth usage when downloading documents (Enterprise edition only) and updates from the 
main office. You can suggest either Windows 10 Pro or Windows 10 Enterprise for use on a
domain. As Windows moves towards a service model, subscription-based licensing of the 
Enterprise edition is becoming the mainstream choice. 


4. What issue does this raise and what answer might you give? 


The issue here is compatibility between different operating systems. Even though both are 
produced by Apple, iOS and macOS use different environments so the iOS app cannot be installed 
directly. Your company might make a macOS version. Also (and do not worry if you did not 
include this in your answer), with the latest version of macOS (Mojave), support for native iOS 
apps is being provisioned so this might be something you can offer in the future. 


5. Apart from Windows and macOS, what operating system options are there for 
client PCs? 


The other main choice is one of the distributions of Linux. A company might also use some sort of 
UNIX. Finally, Chrome OS is installed on Chromebox PCs. These are often used by educational 
institutions and businesses who rely primarily on web applications, rather than locally installed 
desktop software. 


6. What type of issue is this, and what advice can you provide? 


This is an issue with update limitations. Android is quite a fragmented market, and customers 
must depend on the handset vendor to implement OS updates for a particular model. The 
customer can only check the handset vendor's website or helpline to find out if a version update 
will ever be supported for that model. 




Activity 11-2: Discussing Troubleshooting Methodology


1. What should be your next troubleshooting step? 


Test the theory to determine the cause. 


2. If you have to open the system case to troubleshoot a computer, what 
should you check before proceeding? 


That data on the PC has been backed up. You should always verify that you have a 
backup before beginning any troubleshooting activities. 


3. What should be your first troubleshooting step? 


Question the user to establish all the circumstances surrounding the problem. 


4. Why does it help to categorize a problem when troubleshooting? 


A step-by-step analysis of the problem helps by making sure you approach it 
methodically and troubleshooting within a more limited area is simpler. 


5. If another technician says to you, "We'll have to strip this back to 
base?", what do they mean, and at which specific step of 
troubleshooting are you likely to be? 


Bringing a system "back to base" means re-building a troublesome system from its 
core components. You can then add extra devices one by one until the source of the 
fault is revealed. This can be time-consuming so is likely to be something you would 
try if you are testing a theory of probable cause unsuccessfully, and you need to 
establish a new theory. 


6. What should you do if you cannot determine the cause of a problem? 


You could consult a colleague, refer to product documentation, or search the web. It 
might also be appropriate to escalate the problem to more senior support staff. 


7. What should be your next troubleshooting step? 


Identify any negative consequences in applying the software patch, then devise an 
implementation plan to install the file. You need to schedule the work so as to 
minimize disruption. You should also make a plan to roll back the installation, should
that prove necessary. 


8. After applying a troubleshooting repair, replacement, or upgrade, 
what should you do next? 
Test that the fix works and that the system as a whole is functional. You might also
implement preventative measures to reduce the risk of the problem occurring
again.


9. What is the last step in the best practice methodology for 
troubleshooting and how might it be implemented? 
Document findings, actions, and outcomes. You can use spreadsheet or database
tools, but using ticket-based management system software to create incident logs is
best.


Activity 11-3: Discussing Windows Features and Tools


1. In which management interface(s) are these settings located in the different 
versions of Windows? 


User-level features like this are configured via the Control Panel in Windows 7. In Windows 8 and 
Windows 10, there are Ease of Access settings in both the Control Panel and in the PC Settings/ 
Windows Settings app but don't worry if you just answered "Settings app." It is also worth 
remembering that you can use Instant Search to return a list of user configuration options 
quickly. 


2. Explain how this is done. Should you offer any other advice? 


There are several ways to disable User Account Control (UAC) but the simplest is via the User 
Accounts applet in Control Panel. You can also just search for "UAC" to open the dialog box. You 
should advise the customer that UAC is an important security feature and that by disabling it, his 
computer will be more vulnerable to malware. 


3. True or false? Each version of Windows has an Administrative Tools shortcut 
folder in Control Panel. 


True—the contents do vary from version to version though. 


4. When would you use the mmc command? 


A Microsoft Management Console (MMC) is used for Windows administration. Running mmc 
opens an empty console. You would do this to create a custom toolkit of the snap-ins used to 
configure advanced features of Windows. You can save the custom console for future use. 


5. What must you do to run the command? 


Open a new command prompt window with sufficient privileges. You can right-click the
Command Prompt icon and select Run as administrator or press Ctrl+Shift+Enter with the 
icon selected. 


6. Why might you run the shutdown command with the /t switch?


To specify a delay between running the command and shutdown starting. You might do this to 
give users a chance to save work or to ensure that a computer is restarted overnight. 


7. What tasks would you perform using the regedit tool? 


This tool allows you to make manual changes to the Windows Registry database. You can also use
it to export and back up portions of the registry. You might also import registry files to apply a 
suggested fix. 


Activity 11-5: Discussing File Management in Windows 


1. Which is or are the main location(s) for system files in Windows? 


The Windows folder (or system root) contains the files used to run Windows itself. Program Files 
contains the executable and settings files installed by desktop applications. You might also 
mention that the Users folder contains user settings files, user-specific application data, and
user-generated data files. There are also some additional hidden folders (notably ProgramData) but
do not worry if you have not included these. 


2. True or false? In Windows 7, libraries cannot contain network folders.


False—this is one of the main reasons for using libraries. They can consolidate a 
"view" of files stored in different locations on different file systems. This includes 
shared folders on network servers and removable drives. 


3. Assuming a normal configuration with no underlying file corruption,
encryption, or malware issue, what is the cause and what do you
suggest?

The user does not have "Write" or "Modify" permission to that folder. If there is no 
configuration issue, you should advise the user about the storage locations 
permitted for user-generated files. If there were a configuration issue, you would 
investigate why the user had not been granted the correct permissions for the 
target folder. 


4. Assuming default Explorer view settings, what steps must the user
take?


The user must first show file extensions, using the View tab in the Folder Options 
applet. In Windows 8/10, extensions can be shown through a check box on the View 
menu ribbon. The user can then right-click the file and select Rename or press F2 
and overtype the extension part. 


5. What is the effect of running the cd .. command?


Change the directory focus to the parent directory (equivalent of Up One Folder). 


6. Which Windows command is probably best suited for scripting file
backup operations?


The robocopy command offers more options than xcopy so will usually be 
the better choice. The copy command is quite basic and probably not suitable. 


Activity 11-6: Discussing Windows Disk Management 


1. If a single physical disk is divided into three partitions, how many
different file systems can be supported?
Three—each partition can use a different file system. 


2. What is the difference between the boot partition and the system
partition?


The system partition contains the boot files; the boot partition contains the system 
root (OS files). 


3. What type of partitioning scheme must a disk use if Windows is
installed to a 64-bit UEFI-based computer?
GPT-style partitioning. 


4. True or false? A volume or partition MUST be assigned a drive letter to
access it via Explorer.


False—assigning a drive letter is common practice, but a partition can be mounted 
to any point in the file system. 


5. What does this mean?


The disk was configured as dynamic under a different computer then installed in 
this one. You need to import the disk to make it usable. 


6. Is she right to be concerned and what solutions can you suggest?


The customer is right to consider the risk and take steps to mitigate it. One option is to make a 
backup of the files so that they are always stored on at least two devices. You could also suggest 
configuring the RAID-like functionality available with the Storage Spaces feature of Windows 10. 
Note that you cannot recommend Dynamic Disks as that is not available with the Home edition. 
Using both Storage Spaces and an offsite backup method, such as copying to a cloud drive, will 
give the best protection. 


7. Is the command format d: /fs:exfat /q valid? If so, what is its effect, and 
what precaution might you need to take before running it? 
Yes, it is valid. It formats drive D with the exFAT file system by using a quick format (does not scan
for bad sectors). This will delete the file table on the drive so existing data files can be overwritten—
the formatted drive will appear to be empty in Explorer. If there are existing files that need to
be preserved, they should be backed up before running the format command.


8. (Screenshot used with permission from Microsoft.) 


Examine the screenshot. Can you explain the current configuration, the status of 
the configuration, and next steps to remedy the error? 

You should be able to identify that a mirrored volume has been configured using the Dynamic 
Disks feature. One of the disks is missing—you cannot tell why from the screenshot, but it could 
have been physically removed or is damaged. You might also be able to identify from the Failed 
redundancy message that the volume has been reactivated, so data files are still accessible. The 
volume is at risk though, as failure of the remaining disk would result in complete data loss. You 
need to back up files on the volume as a matter of urgency. You should then either repair the 
mirror with the old drive or a new drive. If it is not possible to repair the mirror, you should 
recreate it with a new disk and restore files from backup. 


Activity 11-7: Managing Files, Folders, and Disks in Windows 


7. Work out the robocopy command to move files smaller than 10 KB from the 
DATA folder to a SmallData folder on the L: drive. 


robocopy C:\LABFILES L:\SmallData\ /s /e /mov /max:10241 


8. Work out the robocopy command to recreate the directory structure of
c:\LABFILES within a DataLayout folder on the L: drive.

One way to do it is robocopy C:\LABFILES L:\DataLayout\ /create /s /e.
But this creates 0 KB placeholder file names as well as the directories. To
recreate only the directories, use: robocopy C:\LABFILES L:\DataLayout\ /create /e /xf *


Activity 11-8: Discussing Windows Device Management


1. How should you proceed? 


Browse the graphics adapter vendor's website and use the card's model number in 
the driver search tool to look for the latest version. Compare the version 
information for the driver on the website to the installed version (use Device 
Manager to check the installed version number). If the website driver is newer, 
download and run the setup file to install and configure it. You should ensure that 
the setup file is digitally signed by the vendor. If the driver is only provided as a 
compressed archive, extract the driver files then use the Update Driver button in 
Device Manager to select it for use with the adapter. 


2. Under Windows 10, what are the steps to revert to the previous 
driver? 


Open Device Manager from the WinX menu, Instant Search, or the Computer 
Management console. Expand Keyboards then right-click the device and select 
Properties. On the Driver tab, select Rollback Driver. 


3. Which tool can you suggest using to try to remedy the fault? 


There is an automated Windows Troubleshooting tool for diagnosing and correcting 
problems with audio playback. You should advise the customer to open the 
Troubleshooting applet in Control Panel and select the troubleshooter for audio 
playback. 


4. What does this mean and why might this configuration have been 
imposed? 
The icon indicates that the device has been disabled. It could be that there was a 
fault or there may be a network configuration or security reason for disabling the 
adapter. In this sort of situation, use incident logs and device documentation to 
establish the reason behind the configuration change. 


5. What single word command can you use to open the tool shown in the 
exhibit? For what sort of troubleshooting task might you need to use 
the information shown? 


Run the System Information tool using the msinfo32 command. Each
hardware device uses hardware resources such as an Interrupt Request (IRQ) line to 
communicate with the processor. You might need to investigate these if using 
devices that are not Plug-and-Play compatible. 


6. Can you reassure her and advise on the best course of action? 


When a computer goes into a power saving mode, it will either maintain a small 
amount of power to the memory modules or write the contents of memory to a 
hibernation file on disk. Consequently, the user should be able to start the laptop 
again and the desktop will resume with the open file still there. You should advise 
the customer to save changes to files regularly however. 


Activity 12-1: Discussing Windows Application Management


1. What is the most efficient means of doing this, and what security considerations 
should you make? 


Rather than try to install the application by logging on locally to each PC to run the setup file, you 
can put the installer file on a network share and use Windows Group Policy Objects (GPO) or 
some sort of script to "push" deploy the application. You can use a service account with 
appropriate permissions to install the software on the local machine. You should test this process 
and the application first in a lab environment to identify potential impacts to the local device 
and/or network. You must also ensure that the application vendor provides a digitally signed 
installer file, to prove that the code has not been tampered with. 


2. What is the third? 
Repair. 


3. How would you configure a legacy Windows 98 application to work with Windows 
10? 


Open the application's property sheet and select the Compatibility tab to select the appropriate 
mode. You can also run the Program Compatibility Troubleshooter. 


4. What is the likely cause and how could you verify this? 


The program has added a registry entry to run at startup. You could check this (and optionally 
disable the program) by using Task Manager. 


5. What additional information is shown on the Users tab in Windows 10 Task 
Manager compared to Windows 7? 


It shows user-initiated processes and resource utilization. 


6. Does this indicate a problem? 


Probably not—CPU Usage usually peaks and falls. If it stays over 80-90%, the system could 
require a faster CPU or if it spikes continually, there could be a faulty application. 


Activity 12-3: Discussing Windows Performance Management 


1. How do you enable a Windows 7 computer to function as a Remote Desktop 
Server? 


Open System properties, select Change settings, then select the Remote tab and check the 
Allow remote connections to this computer option on the Remote tab. You can also specify 
the user accounts permitted to connect to the server. 


2. Why isn't the System Protection feature a substitute for making a backup? 


System Protection restore points are stored on the local disk and so would not allow recovery 
from the failure, loss, or destruction of the disk. System Protection is designed only to allow the 
rollback of configuration changes. 


3. What is the advantage of setting the pagefile to the same minimum and 
maximum sizes? 


The pagefile will not become fragmented (assuming you defragmented the disk before doing 
this). 


4. How would you select this in Performance Monitor and what might be
appropriate counters to use? 


Open the Add Counter dialog box, select the Physical Disk object, select the 
counter, then select the 0 C: instance. Useful counters to use to evaluate 
performance include % Disk Time and Average Disk Queue Length. 


5. Does this indicate that a memory module is faulty? 


No—it shows the system is using the pagefile intensively and could benefit from 
more system RAM being installed. 


Activity 12-4: Discussing Windows Troubleshooting 


1. What is the full path to the Windows system log? 
%SystemRoot%\System32\Winevt\Logs\System.evtx 


2. What are the tab headings in msconfig, and which tab is not in the 
Windows 8/10 version? 


General, Boot, Services, Startup, and Tools. In Windows 8/10, the functionality of 
the Startup tab has moved to Task Manager. 


3. What device optimization settings could you check to mitigate slow 
performance problems? 


Defragment the hard disk, and ensure there is sufficient free space. Verify that the 
power management configuration is not throttling components such as the CPU or 
GPU. You can also use performance monitoring to check device utilization and 
determine whether upgrades are required. 


4. What should you advise her to do? 


Record as much information from the blue screen, especially the STOP error 
number, as she can so that you can research the particular error. 


5. What should you do? 


Try to end the application or the process using Task Manager, then contact the 
application vendor to find out why the problem is occurring. 


6. Where would you start to investigate a "Service failed to start" error? 


Check the event log for more information. 


7. Which troubleshooting tool is most likely to identify whether a 
problem is related to a device driver or to a faulty system component? 


Using Safe Mode boots with a minimal set of drivers and services. If Safe Mode 
boot is successful but normal boot is not, the issue is likely to be with driver 
software. Re-enable each driver in turn to identify the culprit. If the problem also 
manifests in Safe Mode, it is more likely to have an underlying hardware cause. 


8. How would you troubleshoot this problem?


(Screenshot: application title bar reading "Document1 - Word (Not Responding)".)


The user will be concerned about losing any unsaved work. Ask the user to describe what he or 
she was doing at the time of the crash to try to diagnose what might have caused it. Give the 
program a few minutes to finish processing—check Task Manager for ongoing disk activity. If the 
application does not start responding, check autosave and temp folders for a recent copy of the 
file data. Use Task Manager to end the process. Restart the application and try to open any file 
data you might have recovered. Check the log files and online resources to try to diagnose the 
cause of the crash. If the problem persists, consider solutions such as disabling add-ons or 
reinstalling. Demonstrate to the user how to set up autosave (if it is not already configured) and 
how to save regularly. 


9. What should you do to fix the problem in the longer term? 


Run diagnostic software to rule out a disk problem. Recurrent file errors/corruption are a sign the 
disk is failing. You might also consider malware as a cause. 


10. What should you do?


Boot using a recovery tool, such as the product disc, and attempt startup repair. 


11. If you suspect improper handling during installation has caused damage to a RAM
module, how could you test that suspicion? 


Run a Memory Diagnostic. This tests each RAM cell and so should uncover any fault. 


Activity 13-1: Discussing Linux Configuration and Use 


1. What type of file system is usually used for the Linux boot partition? 


A version of ext (ext4 or ext3). 


2. What command would you normally need to run in order to access the contents 
of a USB memory stick inserted into Linux? 


mount 


3. Which Linux command will display detailed information about all files
and directories in the current directory, including system files?


ls -la 


4. What could you add to the command to make the output more
readable?


Either | more or | less.


5. What command would allow you to delete the contents of the
folder /home/fred/junk and all its subdirectories?


rm -r /home/fred/junk 


6. What command could you use to move a file names.doc from your
current directory to the USB stick linked to folder /mnt/usb?


mv names.doc /mnt/usb 


7. What rights does another user account have over the file?


Read-only. 


8. What command allows file and directory permissions to be changed?


chmod 


9. Which Linux command allows a user to run a specific command or
program with superuser/root privileges?


sudo 


10. Which file contains the list of user accounts created on Linux?


/etc/passwd. 


11. How could you do this?


shutdown -h 21:00 


Activity 13-3: Discussing macOS Features and Tools 


1. Where would you look for the option to view and configure wireless
adapter status in macOS?


In the Status menu on the Menu bar, in the top-right of the screen. 


2. How do you activate Spotlight Search using the keyboard?


Command+Spacebar. 


3. Where would you change the default gestures on a Magic Trackpad?


Under System Preferences—Trackpad. 


4. What is the name of Apple's multiple desktop management feature?


Mission Control. 


5. What is the equivalent of Explorer in macOS?
The Finder. 


6. What app would you use to install Windows 10 on a Mac? 


Boot Camp Assistant lets you create a new partition and install a fresh version of Windows. 


7. What is the correct name for the spinning beach ball of death? 


Spinning wait cursor. 


Activity 13-4: Discussing OS Installation 


1. When should you use FAT32 for the system partition? 


When using UEFI system firmware, the EFI system partition should be formatted with a FAT file 
system. Another scenario is when you are configuring a multiboot system with an older version of 
Windows or with Linux. 


2. If you want to use PXE as an installation method, what type of compatible 
component would you require? 


Network adapter/NIC and system firmware support. 


3. What is the advantage of using a USB thumb drive to install Windows? 


You can install images larger than will fit on a DVD. This might be useful if you want to install 
multiple software applications at the same time as Windows itself. 


4. What is a recovery partition? 


A partition containing a backup of the system configuration at a particular point in time. These are 
often used on OEM PCs to enable the PC to be restored to its factory settings. 


5. What should you configure in order to perform an unattended installation? 


An answer file containing the setup configuration. 


6. What is meant by disk imaging? 


Cloning an installation from one PC to another. 


7. How would you configure a PC to join a domain during installation of Windows 7? 


Use an answer file with the appropriate settings, and ensure that a domain controller is available 
to the PC during setup. You cannot join a domain during attended setup (though you could 
immediately after setup finishes). 


Activity 13-6: Discussing OS Maintenance 


1. How do you run Check Disk in read-only mode? 


In the GUI tool, simply do not select an option to fix errors automatically. Alternatively, at a 
command prompt, run chkdsk without any switches. 


2. Which tool is used to verify file system integrity in Linux? 
fsck. 


3. Which Windows tool would you use if you want the defragmenter to
run more frequently?


Task Scheduler. 


4. Which of the following is not delivered via Windows Update?


○ Security patches.
○ Drivers.
● Firmware updates.
○ Critical fixes.


5. How would you update an app purchased from the Mac App Store?


Open the Mac App Store and select the Updates button. 


6. What Windows utility would you use to back up data files in Windows
10?


File History. You could also consider OneDrive as a type of backup solution. 


7. What principal restriction would you face if using the backup tool
included with Windows 7 Home Premium?


It only supports backing up to local drives or removable media, not to network 
shares. 


8. What is the name of Apple's backup software for macOS?


Time Machine. 


9. In Linux, what command is used to view tasks scheduled by the
current user?


crontab -l


Activity 14-1: Discussing Windows User Management 


1. Which three principal user security groups are created when Windows
is installed?


Users, Administrators, and Guests. You might also include Power Users, though 
use of this group is deprecated. There are also system groups, but users cannot be 
assigned manually to these. Going beyond the account types listed in the exam 
objectives, you might include groups such as Remote Desktop Users, Remote 
Management Users, or Backup Operators. 


2. What tool would you use to add a user to a local security group?


You can change the account type between Standard and Administrator via the basic
Users app, but the Local Users and Groups management console is the main tool
to use. You could also use the net command suite or PowerShell.


3. True or false? If you delete a user, you can recover the user's permissions and
group memberships by creating a new account with the same name. 


False. Accounts have a unique Security Identifier (SID) that Windows uses to track them. A newly 
created account would have the same name but a different SID. 


4. How can you ensure that an administrator-set default password for an account is 
not used permanently? 


Set the User must change password at next logon option in the user account properties. 


5. What is the function of secpol.msc? 


It is the image name of the Local Security Policy management console. You can use this to define 
system security policies, such as password complexity. 


Activity 14-2: Discussing Shared Resource Configuration 


1. How many computers can connect to the file share at any one time? 
Up to 20 computers. 


2. What is the significance of a $ symbol at the end of a share name? 
The share is hidden from the file browser. It can be accessed by typing a UNC. The default
administrative shares are all configured as hidden.


3. What basic NTFS permissions do you need to move a file and to copy a file? 


To move a file, you need Write permissions for the destination folder and Modify permissions for 
the source folder; to copy a file, you need Write permissions for the destination folder and Read 
permissions to the source folder. 


4. When you set permissions on a folder, what happens to the files and subfolders 
by default? 


They inherit the parent folder's permissions. 


5. If a user obtains Read permissions from a share and Deny Write from NTFS 
permissions, can the user view files in the folder over the network? 


Yes (but he or she cannot create files). 


6. What effective permission does the user have for the resource? 


Full control—the most effective permissions are applied. 


Activity 14-4: Discussing Active Directory Account and Policy 
Configuration 


1. What type of computer stores Active Directory account information? 


A Windows server running the Domain Controller (DC) role. 


2. What are the prerequisites for joining a computer to a domain?


The computer must be running a supported edition of Windows (Professional, 
Enterprise, or Ultimate). The computer must be joined to the network with an 
appropriate IP configuration (typically configured via DHCP) and be able to access 
the domain's DNS server(s). An account with domain administrative credentials 
must be used to authorize the join operation. 


3. True or false? If you want the same policy to apply to a number of
computers within a domain, you could add the computers to the same
Organizational Unit (OU) and apply the policy to the OU.


True. 


4. What is the difference between the gpupdate and gpresult
commands?


gpupdate is used to refresh local policy settings with updates or changes from
the policy template. gpresult is used to identify the Resultant Set of Policies
(RSoP) for a given computer and/or user account.


5. In Active Directory, what are the options for running a script each time
the user logs on?


You can specify scripts to run for a number of users by using group policy and 
attaching the policy to an appropriate container, such as an OU. You can also specify 
a script manually for each user account via the account properties. 


6. How do you unlock an AD user account?


Open Active Directory Users and Computers and locate the user account.
Right-click the user object and select Properties. Check the Unlock account box. Select
OK.


Activity 15-1: Discussing Logical Security Concepts 


1. What is the third property?


Availability—information that is inaccessible is not of much use to authorized users. 
For example, a secure system must protect against Denial of Service (DoS) attacks. 


2. What security concept is being practiced in this scenario?


The principle of least privilege. 


3. What distinguishes a cryptographic hash from the output of an
encryption algorithm?


An encrypted ciphertext can be decrypted by using the correct key; a cryptographic 
hash is irreversibly scrambled. 


4. What type of cryptographic algorithm is AES?


The Advanced Encryption Standard (AES) is a symmetric encryption cipher. This 
means that the same key can be used to perform both encryption and decryption 
operations on a message. 


5. What type of cryptographic key is delivered in a digital certificate?


A digital certificate is a wrapper for a subject's public key. The public and private 
keys in an asymmetric cipher are paired. If one key is used to encrypt a message, 
only the other key can then decrypt it. 

6. What happened and why did he receive the message?


John's new tablet probably does not meet the compliance requirements for network access. Being 
a new device, it might not have had updates and patches applied, it might not have appropriate
virus protection installed, or it does not meet some other compliance requirement. This caused 
the system to appear as a non-compliant system to the network, and network access was denied. 


7. What type of network access is facilitated by VPN? 


A Virtual Private Network (VPN) is often deployed to provide remote access to users who cannot 
otherwise make a physical connection to an office network. A remote access VPN means that the
user can connect to a private network using a public network for transport. Encryption and
authentication are used to make sure the connection is private and only available to authorized
users. You might also mention that VPNs can be used for other types of access (such as connecting
one network site to another). 


Activity 15-2: Discussing Threats and Vulnerabilities 


1. What do all types of social engineering attack have in common? 


Many different attacks can be classed as a type of social engineering, but they all exploit some
weakness in the way people behave (through manipulation and deception). These weaknesses 
might arise from politeness and cultural norms, from habitual behavior, or from respect for 
authority and rank. 


2. What is the name of this type of attack? 


A phishing attack tries to make users authenticate with a fake resource, such as a website that 
appears to be a genuine online banking portal. Phishing emails are often sent en masse as spam.
This is a variant of phishing called spear phishing, because it is specifically targeted at a single 
person, using personal information known about the subject (such as his or her hobbies). 


3. What is the difference between tailgating and shoulder surfing? 


Tailgating means following someone else through a door or gateway to enter premises without 
authorization. Shoulder surfing means observing someone type a PIN or password or other 
confidential data. 


4. What type of software is typically used to perform eavesdropping on an Ethernet 
network? 


A packet sniffer or packet capture utility. When combined with software to decode the frames, 
these can also be called packet analyzers or network monitors. 


5. What attack might be launched to eavesdrop on all communications passing over 
a local network segment? 


Address Resolution Protocol (ARP) poisoning or spoofing. This is a type of Man-in-the-Middle 
attack. 


6. What type of password cracking attack would work best here? 


Brute force attacks are effective against short passwords (under seven characters). Dictionary 
attacks depend on users choosing ordinary words or phrases in a password. 


7. What is the difference between a DoS and a DDoS attack?


Denial of Service (DoS) is any type of attack that halts or disrupts a network application or 
resource. A Distributed Denial of Service (DDoS) is a specific class of DoS attack. It means that the 
attacker uses multiple hosts to launch the attack. The distributed hosts are usually PCs and other 
devices (zombies) compromised by malware (bots) controlled by the attacker. 

8. With what type of threat is a "zero day" associated?


A zero day is a type of software exploit. You could also say that it is associated with 
hacking and malware threats. The term arises because an attacker has found a 
means of exploiting a vulnerability in the software before the software developer 
has been able to create a patch or fix for the vulnerability. 


Activity 15-3: Discussing Physical Security Measures 


1. What type of security control is this? 


Biometric authentication deployed as part of a building's entry control system. 


2. Why might an ID badge not be restricted to use at doors and 
gateways? 


A visible ID badge shows that someone is authorized to move around a particular 
zone. This means that even if they are able to slip through a door using tailgating or 
some other method, they can be identified and challenged for not wearing visible 
ID. 


3. What sort of information should be recorded on an entry control 
roster? 


Name and company being represented, date, time of entry, and time of departure, 
reason for visiting, and contact within the organization. 


4. What is a server lock? 


A computer in which the chassis can be locked shut, preventing access to physical 
components. 


5. What type of device would a privacy screen be used to protect? 


A display device such as a monitor. A privacy screen prevents the display from being 
observed at any angle other than directly in front of the screen. 


6. What three methods of mechanically destroying a hard disk are most 
effective? 


Incineration, degaussing, and shredding. Making the disk unusable by damaging it 
with a drill or hammer is likely to leave remnants that could in theory be analyzed. 
Note that degaussing is not effective against SSDs. 


Activity 16-1: Discussing Security Best Practices 
Implementation 


1. What constitutes a strong password? 


Something easy to remember but difficult to guess. A password should be 
sufficiently long and mix alphanumeric and punctuation characters and case. 


2. How does a smart card provide authentication? 


It contains a chip that can store the user's account and credentials securely in a 
digital certificate that the logon provider trusts. Therefore, possession of the device 
is confirmation of identity. 

3. Why should use of a smart card be protected by a PIN?


To prevent misuse of the card if it is lost or stolen. 


4. What are the drawbacks of biometric authentication technologies? 


Users find it intrusive, it is relatively expensive (compared to password-based authentication), and
there are risks from false positives and false negatives. Some implementations of biometric 
methods can be vulnerable to spoofing, such as using a photograph to pass through a facial 
recognition system. 


5. What type of biometric recognition is most suitable for integrating with a laptop 
computer? 


Finger or thumbprint readers are generally the simplest type of device. Facial recognition using a 
built-in camera is also becoming popular. 


6. What general methods can be used to prevent a replay attack against a software 
token? 


Using coding techniques to accept a token only once or restrict the timeframe in which a token 
can be used. 


7. In AAA architecture, what type of device might a RADIUS client be? 


AAA refers to Authentication, Authorization, and Accounting. When the role is played by a Remote 
Access Dial-in User Service (RADIUS) server, the server processes authentication and authorization 
requests. The clients submitting the requests to the server are network access devices, such as 
routers, switches, wireless access points and VPN servers. The end user devices connecting to 
them are referred to as supplicants. 


8. What type of account policy can protect against password-guessing attacks? 


A lockout policy (disables the account after a number of incorrect logon attempts). 


Activity 16-2: Discussing Data Protection Policies 


1. Why should PII be classed as sensitive or confidential? 


Disclosing Personally Identifiable Information (PII) may lead to loss of privacy or identity theft. 
There may be legal or regulatory penalties for mishandling PII. 


2. What is PHI? 


Protected Health Information (PHI) is data such as medical records, insurance forms, hospital/ 
laboratory test results, and so on. 


3. True or false? The encryption applied by EFS can be overridden by the local 
administrator account. 


False—only the user can decrypt files, via their account password or a backup key. In a Windows 
domain, administrators can be configured as key recovery agents but the local administrator does
not have this right automatically. This means that the disk cannot be connected to a different 
computer to circumvent the protection afforded by encryption. 


4. What is the function of a TPM in relation to Windows' BitLocker feature? 


A Trusted Platform Module can store the disk encryption key to tie use of the disk to a particular 
computer. 

5. What class of security technology prevents users from sending
unauthorized files as email attachments? 


Data Loss Prevention (DLP). 


6. What type of software license is locked to a single hardware device?


Original Equipment Manufacturer (OEM).


Activity 16-4: Discussing Data Protection During 
Incident Response 


1. What is incident reporting? 


The process of identifying security breaches (or attempted breaches and suspicious 
activity) to security management personnel. 


2. Why are the actions of a first responder critical in the context of a 
forensic investigation? 


Digital evidence is difficult to capture in a form that demonstrates that it has not 
been tampered with. Documentation of the scene and proper procedures are 
crucial. 


3. What does Chain of Custody documentation prove? 


Who has had access to evidence collected from a crime scene and where and how it 
has been stored. 


4. What actions do you need to take? 


You need to create an incident report, remove or disable the login accounts, isolate 
the infected server and possibly any user computers that communicate with the 
server, and remove the rootkit from the server. In terms of wider security policies, 
investigate why the temporary accounts were not disabled on completion of the 
project. 


Activity 17-1: Discussing Detecting, Removing, and 
Preventing Malware Infections 


1. What are the principal characteristics of Trojan malware? 


Trojan malware is named after the Trojan Horse. This myth involved Greek warriors 
hidden in a wooden horse presented as a gift to the city of Troy. The Trojans 
wheeled the horse into the city and left it unguarded. At night, the Greek warriors 
slipped out, opened the gates, and let the Greek army in to ravage the city. A Trojan 
is malware disguised as legitimate software. Most Trojans establish a backdoor so 
that use of the computer can be subverted by a remote handler. 


2. What general class of malware is crypto-malware an example of? 


Crypto-malware is a type of ransomware. The malware encrypts files on the target 
and then demands a ransom be paid to release the key that can decrypt them again. 




3. Why might you need to use a virus encyclopedia? 


Typically, if a virus cannot be removed automatically, you might want to find a manual removal 
method. You might also want to identify the consequences of infection—whether the virus might 
have stolen passwords, and so on. 


4. Why must antivirus software be kept up-to-date regularly? 


While there are certain heuristic techniques, a scanner is most effective when it can detect viruses 
that it recognizes. The virus update contains details about new or changed virus threats. If the 
update is not made, it is quite unlikely that these viruses will be detected if they infect your 
system. 


5. What type of file scan offers best protection for ordinary users? 


On-access scans. These might reduce performance somewhat but very few users would 
remember to scan each file they use manually before opening. 


6. What would be the purpose of quarantining an infected file, rather than deleting
it?


If antivirus software cannot clean a file, you may still want to investigate alternative methods of
recovering data from the file. Quarantine means the antivirus software blocks access without
actually removing the file from the file system.


7. Why is DNS configuration a step in the malware remediation process? 


Compromising domain name resolution is a very effective means of redirecting users to malicious 
websites. Following malware infection, it is important to ensure that DNS is being performed by 
valid servers. 


8. What sort of training should you give to end users to reduce the risk of infections? 


Not to disable security applications and to be wary of emailed links, file attachments, removable 
media, and websites from unproven sources. 


Activity 17-3: Discussing Troubleshooting Common 
Workstation Security Issues 


1. Is this likely to be a malware infection? If so, what type of malware would you 
suspect? 


It is certainly possible. Software updates are often applied when a computer is started in the 
morning so that is another potential cause but you should investigate and log a warning so that 
all support staff are alerted. It is very difficult to categorize malware when the only symptom is 
performance issues. You might say a virus or worm as the malware is non-stealthy. However, it is 
equally possible that performance issues could be a result of a badly written Trojan or a Trojan/ 
backdoor application might be using resources maliciously (for DDoS, Bitcoin mining, spam, and 
so on).


2. Why might a PC infected with malware display no obvious symptoms? 


If the malware is used with the intent to steal information or record behavior, it will not try to 
make its presence obvious. A rootkit may be very hard to detect even when a rigorous 
investigation is made. 


3. Is her computer infected with malware? 


If it only occurs on certain sites, it is probably part of the site design. A script running on the site 
can prevent use of the Back button. It could also be a sign of adware or spyware though, so it 
would be safest to scan the computer using up to date anti-malware software. 




4. Should the bank update its certificate, or do you suspect another
cause?


It would be highly unlikely for a commercial bank to allow its website certificates to 
run out of date or otherwise be misconfigured. You should strongly suspect 
redirection by malware or a phishing/pharming scam. 


5. Could this be the result of external fraud or do you need to investigate
your internal systems for malware?


It would be very unusual for someone to be able to insert your IP address into 
multiple blacklists. You should suspect that malware is being used to send spam 
from your network. 


Activity 18-1: Discussing Environmental Impacts and
Controls


1. What are the principal characteristics of a surge protector?


This is a circuit designed to protect connected devices from the effect of sudden 
increases or spikes in the supply voltage and/or current. Surge protectors are rated 
by clamping voltage (low values are better), joules rating (higher values are better), 
and amperage (the maximum current that can be carried). 


2. When you are sizing the load for a UPS, how would you calculate the
power used by a PC component?


Multiply its Voltage (V) by the Current (I) it draws to calculate power drawn in Watts
(W=V*I). You may then need to convert this to a VA rating by multiplying by 1.67.
When power is supplied, some is lost through the function of inverters and 
capacitors. This means that the supply, measured as VA, must exceed the watts 
drawn by about 70%. This ratio is also described as the Power Factor (PF). 


3. Why should you never use a home vacuum cleaner to clean a PC?


Because they generate large amounts of static electricity that may damage sensitive 
components. 


4. What are the principal environmental hazards to consider when
installing PC equipment?


Heat and direct sunlight, excessive dust and liquids, and very low or high humidity. 
Equipment should also be installed so as not to pose a topple or trip hazard. 


5. When might you need to consult MSDS documentation?


A Material Safety Data Sheet (MSDS) should be read when introducing a new 
product or substance to the workplace. Subsequently, you should consult it if there 
is an accident involving the substance and when you need to dispose of the 
substance. 

Activity 18-2: Discussing Documentation Creation and
Maintenance 


1. What role do barcodes play in managing inventory? 


An inventory is a list of assets. To compile a list of assets, you must be able to identify each asset. 
A barcode label is a good way of doing this. You can use a scanner to link to the asset within the 
inventory database automatically, avoiding delays and mistakes that might be made by typing an 
asset ID. 


2. What are the two main types of network topology diagrams? 


You can create diagrams to show the physical topology or the logical topology. The physical 
topology shows the location of cabling and ports plus their bandwidth. The logical topology shows 
IP addresses and subnets plus security controls such as firewalls. There are lots of other types of 
network topology diagrams, of course, but physical and logical are the two basic distinctions you 
can make. It is best practice not to try to create a diagram that shows both. 


3. What is the purpose of a KB? 


A Knowledge Base (KB) is a reference to assist with installing, configuring, and troubleshooting 
hardware and software. A KB might be created by a vendor to support their products. A company 
might also create an internal KB, populated with guidelines, procedures, and information from 
service tickets. 


4. What three broad types of incident documentation might a business require? 


Incidents can be categorized as support/troubleshooting, security, and accident (whether to 
personnel or to assets). You should also consider the effect compliance with regulatory or legal 
requirements has on the documentation that must be kept. 


5. What is the appropriate action to take? 


This is likely to demonstrate a clear breach of Acceptable Use Policies (AUP) and will be the subject 
of disciplinary action by HR. You should not over-assume or over-react, however. Take care to 
follow best practices for incident response, such as establishing unambiguous evidence and 
documenting the entire incident. 


Activity 18-3: Discussing Change Management Best Practices 


1. Why are documented business processes essential for effective change 
management? 


Without documented processes, you do not have a means of measuring or specifying the effects 
of change. Of course, you could be introducing a change to start using documented business 
processes! But from that point, any project can be measured and evaluated by the changes it 
makes to documented procedures. Changes that are supported by documented procedures can 
also be communicated more clearly to staff. 


2. What are the main components of an RFC? 


A Request for Change (RFC) sets out the purpose and scope of the proposed change and a 
documented plan for carrying out the change. Ideally, it should perform a risk analysis of both 
performing the change and not performing the requested change. It should state the measures 
by which the change can be judged to have been completed successfully. Ideally, it would also 
include a backout plan for reversing the change. 


3. What is a change board? 


A change board is a committee of stakeholders who can approve the planned change. 

Activity 18-4: Discussing Disaster Prevention and
Recovery 


1. At which general levels are backups made to facilitate disaster
recovery?


Backup levels include file, image, and critical application. File level backups allow 
restoration of user-generated data files in a shared folder or user profile. An image- 
level backup records a whole installation (OS, third-party software and drivers, and 
custom settings). This can be used to reinstall a computer or recover a Virtual 
Machine (VM). A critical application backup saves data and settings kept by a specific 
software product. This is likely to involve some sort of database backup. 


2. What tests can you perform to ensure the integrity of backup settings
and media?


You can perform a test restore and validate the files. You can run an integrity check 
on the media, such as using chkdsk on a hard drive used for backup. Backup
software can often be configured to perform an integrity check on each file during a 
backup operation. You can also perform an audit of files included in a backup 
against a list of source files to ensure that everything has been included. 


3. For which backup/restore issue is a cloud-based backup service an
effective solution?


The issue of provisioning an offsite copy of a backup. Cloud storage can also provide 
extra capacity. 


4. What provisions can you make for account recovery?


You might implement a password recovery mechanism for users who have 
forgotten a password, though this mechanism can itself represent a security risk. 
You should ensure that profile data is backed up so that it can be restored in the 
event of file corruption or damage to a disk. If a profile cannot be restored, the 
account would have to be recreated. This means that the account will have to be 
reassigned security group memberships and permissions. This is easier if the 
allocation of those permissions has been well documented in the first place. There 
may also need to be some provision for configuring a recovery key to restore 
encrypted data. 


Activity 18-6: Discussing Scripting 


1. What is the file extension for Python script files?


.py.


2. Which batch or scripting language is represented here?


VBScript.


3. What are the characteristics of a variable? 


A variable is a construct within programming code for some sort of value that can 
change during the execution of the script. The variable must be given a name. A 
variable also has a data type, such as string or integer. The data type can be 
explicitly declared or set when the variable is initialized (given its first value). It is 
good programming practice to declare variables before they are used. 

4. What command can you use to define an environment variable?


In Windows, environment variables are defined using set. In Linux, there are not only
environment variables (env and printenv), but also variables specific to the current shell.
Shell variables are configured with set. The syntax of set is different between Windows and
Linux.


5. What type of script construct is "For ... Next" an example of? 


The For ... Next statement is one kind of loop. The script will execute statements within 
the loop repetitively until a logical condition is met. 


6. What is a string? 


A string is a data type that represents a series of text characters. 


Activity 18-8: Discussing Customer Service and 
Communication Skills 


1. How would you cope with a user who is struggling to explain the problem that 
they are experiencing? 


Use closed questions that allow the user to give simple yes or no answers. 


2. How should you approach this user? 


Demonstrate empathy with the customer's situation and use active listening skills to show that 
you understand the importance of the issue and make the customer confident that you can help. 
Then use closed questioning techniques to start to diagnose the problem. 


3. How would you deal with a customer who is becoming abusive because you have 
taken three separate calls to deal with their problem? 


Explain why the problem is taking so long to resolve, and get them to focus on helping you, rather 
than hindering you. If the abuse continues, warn them that it cannot be tolerated and that you 
will have to end the call if it persists. 


4. How should you handle this with the customer? 


Advise them that you will put them on hold while you speak to someone else or arrange to call 
them back. 


5. What should you do?


Run through the print process step-by-step to show that it works. It is very important to get a
customer's acceptance that a problem is "closed."


6. What would be the best approach?


Confirm that the problem is not impacting their work and get them to email a support request,
which you will attend to within 48 hours.


7. What should you be wary of if a customer phones in with a problem you think you 
have solved already? 


Do not assume—allow the customer to describe the problem fully then make a proper 
assessment. 




8. What should you include for dealing with difficult customers or 
situations? 


Answers will vary, but might include the following. Do not argue with customers 
and/or be defensive. Avoid dismissing customer problems and do not be 
judgmental. Try to calm the customer and move the support call towards positive 
troubleshooting diagnosis and activity, emphasizing a collaborative approach. Do 
not disclose experiences via social media outlets. 



*aaS

(Something as a Service) An ownership 
model for cloud services where the 
"something" can refer to infrastructure, 
network, platform, or software. 


2-step verification 

When a user connects to a service using 
a device that was not previously 
registered with the service, the 
authenticator application sends a one 
time password to a smartphone or 
alternate email address that the user 
then enters to complete the 
authentication process. 


2D barcodes 
See QR codes. 


3D modeling software 

Software that creates a model of a 
physical object using polygons, spline 
curves, and bezel curves. 


3D print process 

A printing process that builds a solid 
object from successive layers of 
material. 


3D printer 

Hardware device capable of small scale 
manufacturing. 3D printers use a variety 
of filament media (typically plastic) with 
different properties. 


3D scanner 

A scanner that can gather data about 
the shape and appearance of a physical 
object and save that information to a 
computer. 


3D slicing software 

Software in a 3D printer or in 3D 
modeling software that takes a 3D 
model and creates multiple horizontal 
layers of the model. 


802.3af 

PoE powered devices can draw up to 
about 13 W over the link. Power is 
supplied as 350mA@48V and limited to
15.4 W, but the voltage drop over the 
maximum 100 feet of cable results in 
usable power of around 13 W. 


802.3at (PoE+) 

PoE powered devices can draw up to 
about 25 W. PoE+ allows for a broader 
range of devices to be powered such as 
cameras with pan/tilt/zoom capabilities, 
door controllers, and thin client 
computers. 


absolute path 

The specific location, including the 
domain name, irrespective of the 
working directory or combined paths. 


AC 

(alternating current) When electricity is 
produced by a generator at the power 
station, the rotational movement of the 
magnetic coils causes the current 
produced to oscillate like a sine wave (it 
is said to alternate). Computers require 
direct current (at a constant voltage). A 
transformer is used to convert AC from 
the power outlet into the 3.3, 5, and 12 V 
DC supply required by the computer. 


AC adapter 
An external power supply used to power 
laptops and other portable devices. 


accelerometer 

Mobile technology that can determine 
the orientation of a device with a sensor 
that measures the acceleration of the 
device direction. 


accelerometer/gyroscope 
Components used in mobile devices to 
detect motion (accelerometer) and 
rotation (gyroscope). As well as 
switching screen orientation, this can be 
used as a control mechanism (for
example, a driving game could allow the 
tablet itself to function as a steering 
wheel). 


access time 

The speed at which memory or a disk 
drive can be addressed and utilized 
(opened, read from, or written to). 


accident 
Any instance where a person is injured 
or computer equipment is damaged. 


accounting 

In security terms, the process of tracking 
and recording system activities and 
resource access. Also known as auditing. 


ACE 

(access control entry) Within an ACL, a 
record of subjects and the permissions 
they hold on the resource. 


ACL 

(Access Control List) The permissions 
attached to or configured on a network 
resource, such as folder, file, or firewall. 
The ACL specifies which subjects (user 
accounts, host IP addresses, and so on) 
are allowed or denied access and the 
privileges given over the object (read 
only, read/write, and so on). 


ACPI 

(Advanced Configuration and Power 
Management Interface) An open 
standard to communicate between the 
operating system and hardware to 
enable power management features. 


active listening 

The skill of listening to an individual so 
that you give them your full attention 
and are not trying to argue with, 
comment on, or misinterpret what they 
have said. 


ActiveX 

Microsoft's software framework for 
browser plug-ins that allow users to run 
software components accessed from the 
Internet. 


AD DS 
(Active Directory Domain Services) The
database that contains the users,
groups, and computer accounts in a
Windows Server domain.


ad hoc network 
A peer-to-peer network created for the 
current print session. 


ad-hoc mode 

A temporary network mode in which 
devices connect to each other directly 
without an intermediary networking 
device. 


adapter card 

Circuit board providing additional 
functionality to the computer system 
(video, sound, networking, modem, and 
so on). An adapter card fits a slot on the 
PC's expansion bus and often provides 
ports through slots cut into the back of 
the PC case. Different cards are 
designed for different slots (PCI or PCIe).


add-on card 
An adapter card installed in a PCIe slot.


additive color printing 

A color printing method that combines 
differently colored transmitted light to 
form different shades. 


ADF 

(Automatic Document Feeder) Device 
that feeds media automatically into a 
scanner or printer. 


Administrative Templates 

Group Policy files for registry-based 
policy management. The files have 
the .ADM file extension. 


Administrator account 

A Microsoft Windows user account that 
can perform all tasks on the computer, 
including installing and uninstalling 
apps, setting up other users, and 
configuring hardware and software. 


ADSL 

(Asymmetrical DSL) A consumer version 
of DSL that provides a fast downlink but 
a slow uplink. The upstream rate is 
between 64 Kbps and 1 Mbps and the 
downstream rate is 500 Kbps to 8 Mbps.

Adult account
Any Microsoft Windows user account that 
is not configured as a Child account. 


AES 

(Advanced Encryption Standard) Modern 
encryption suite providing symmetric 
encryption (the same key is used to 
encrypt and decrypt). AES is a very strong 
cipher with many applications, including 
being part of the WPA2 Wi-Fi encryption 
scheme. 


AFP 

(Apple Filing Protocol) Protocol supporting 
file sharing on macOS networks. AFP 
works over TCP port 548. 


agent 

A process running on an SNMP compatible 
network device that sends information to 
an SNMP manager. 


AHCI 

(Advanced Host Controller Interface) A 
logical interface used by SATA drives to 
communicate with the bus. 


air or dust filters 

Polyester sheets that cover fan inlets to 
trap dust on their surface, preventing the 
dust from getting into a computer or other 
device. 


airborne particles 

Dust and other small items that can be 
blown about and carried on air currents, 
that if they get inside computers, can 
prevent effective heat dissipation. 


airplane mode 

A toggle found on mobile devices enabling 
the user to disable and enable wireless 
functionality quickly. 


all-in-one unit 

A desktop computer in which all the 
computer components, except the 
keyboard and mouse, are contained within 
the monitor case. 


ALU 

(Arithmetic Logic Unit) A circuit in the CPU 
that performs integer-based calculations 
and performs bit-wise logical calculations. 


AMD-V 
Extensions in AMD-based systems that 
allow hardware virtualization. 


AMD64 

AMD's 64-bit instruction set that was also 
adopted by Intel for its 64-bit desktop and 
mobile line. Intel refers to it as EM64T or 
Intel 64. 


analog display 

A computer monitor that accepts 
continuously varying signals. CRT monitors 
use analog signals and are capable of 
supporting several output resolutions 
without losing quality. 


Android 

An open-source operating system 
supported by a wide range of hardware 
and software vendors. 


Android application package 

(APK) Third-party or custom programs that 
are installed directly through an APK file, 
giving users and businesses the flexibility to 
install apps directly on Android devices. 


Android Auto 

An Android phone feature that allows 
users to interact with their phone using 
voice commands and a vehicle's built-in 
display. 


answer file 

An XML text file that contains all of the 
instructions that the Windows Setup 
program will need to install and configure 
the OS without any administrator 
intervention, including the product key. 


anti-malware software 

A software program that scans a device or 
network for known viruses, Trojans, 
worms, and other malicious software. 


antiglare cover 
A display cover to deal with ambient 
lighting issues on the display. 


antistatic bag 

A packaging material containing anti-ESD 
shielding or dissipative materials to 
protect components from ESD damage. 


antivirus 

Software capable of detecting and 
removing virus infections and (in most 
cases) other types of malware, such as 
worms, Trojans, rootkits, adware, spyware, 
password crackers, network mappers, DoS 
tools, and so on. Antivirus software works 
on the basis of both identifying malware 
code (signatures) and detecting suspicious 
behavior (heuristics). Antivirus software 
must be kept up to date with the latest 
malware definitions and protect itself 
against tampering. 


AP 

(Access Point) A device that provides 
connectivity between wireless devices and 
a cabled network. APs with Internet 
connectivity located in public buildings 
(cafes, libraries, and airports, for instance) 
are often referred to as hotspots. 


APIPA 

(Automatic Private IP Addressing) A means 
for Windows clients configured to obtain 
an address automatically that could not 
contact a DHCP server to communicate on 
the local subnet. The host randomly 
selects an address from the range 
169.254.x.y. This is also called a link-local 
address. 


app scanner 
A class of security software designed to 
monitor the permissions allocated to apps 
and how they are using (or abusing) them. 


App Store 

The online site where Apple users can 
purchase or get free apps that have been 
submitted to and approved by Apple 
before they are released to users. 


Apple CarPlay 

An iPhone feature that allows users to 
interact with their phone using voice 
commands and a vehicle's built-in display. 


Apple ID 

A user account on an Apple device based 
on the sign-in email address that is used to 
sign in to the App Store, access iCloud, and 
other Apple features and functions. 


Application protocols layer 
In the TCP/IP suite, numerous protocols 
used for network configuration, 
management, and services reside at this 
level. Application protocols use a TCP or 
UDP port to connect the client and server. 


application virtualization 

Rather than run the whole client desktop 
as a virtual platform, the client either 
accesses a particular application hosted on 
a server or streams the application from 
the server to the client for local 
processing. 


apps 
Installable programs that extend the 
functionality of the mobile device, that 
must be written and compiled for a 
particular mobile operating system (Apple 
iOS, Android, or Windows). 


apt 
A tool for maintaining packages on 
Debian-based Linux systems. 


AR 

(augmented reality) Using software and 
smartphone cameras or headsets to 
interact with real-world objects and 
images or change the way they appear in 
some way. 


arguments 

Values supplied to the command for it to 
operate on, supplied in the correct order 
required for the command's syntax. 


ARP 

(Address Resolution Protocol) When two 
systems communicate using IP, an IP 
address is used to identify the destination 
machine. The IP address must be mapped 
to a device (the network adapter's MAC 
address). ARP performs the task of 
resolving an IP address to a hardware 
address. Each host caches known 
mappings in an ARP table for a few 
minutes. It is also a utility used to manage 
the ARP cache. 


ARP poisoning 

(Address Resolution Protocol poisoning) 
Injecting a false IP:MAC lookup into the 
victim's ARP cache. This can be used to 
perform a variety of attacks, including DoS, 
spoofing, and Man-in-the-Middle. 


array 
See RAID. 


ASF 

(AutoSheet Feeder) In an inkjet printer, the 
paper pickup mechanism to feed paper 
into the printer. 


aspect ratio 
A characteristic of display devices that 
indicates the ratio of width to height. 


asset 

A thing of economic value. For accounting 
purposes, assets are classified in different 
ways, such as tangible and intangible or 
short term and long term. 


asset management 

Asset management means identifying each 
asset and recording its location, attributes, 
and value in a database. 


attended installation 

A software or operating system installation 
where the installer inputs the 
configuration information in response to 
prompts from a setup program. 


ATX 

A standard PC case, motherboard, and 
power supply specification. Mini-, Micro-, 
and Flex-ATX specify smaller board 
designs. 


audio subsystem 
Made up of a sound card and one or more 
audio input and output devices. 


auditing 
See accounting. 


AUP 

(Acceptable Use Policy) A policy that 
governs employees' use of company 
equipment and Internet services. ISPs may 
also apply AUPs to their customers. 


authentication 

A means for a user to prove their identity 
to a computer system. Authentication is 
implemented as either something you 
know (a username and password), 
something you have (a smart card or key 
fob), or something you are (biometric 
information). Often, more than one 
method is employed (2-factor 
authentication). 


authentication factor 

Information used to identify a user from 
one of several categories (something the 
user knows, has, or "is," or the user's 
location). 


authenticator application 

An app that requires, when using a new 
computer or device to access a service, a 
code to be sent in the form of a one-time 
password. 


authorization 

In security terms, the process of 
determining what rights and privileges a 
particular entity has. 


autodiscover 

The ability of a mobile device to determine 
connection settings based on the user 
entering their email credentials. 


availability 

The fundamental security goal of ensuring 
that systems operate continuously and 
that authorized individuals can access data 
that they need. 


back haul 

A link or transit arrangement with another 
ISP to connect each Point of Presence to 
their core network infrastructure and one 
or more IXPs. 


backdoor 

A remote administration utility providing a 
means of configuring a computer. Remote 
admin software may be installed 
intentionally, in which case it must be 
properly secured. Backdoors may also be 
installed by malware. 


backed up print queue 
A problem situation where there are lots 
of jobs pending but not printing. 


background 

A process that runs without a window and 
does not require any sort of user 
interaction. 


backlight 

Fluorescent lamp illuminating the image 
on a flat panel (LCD) screen. If the 
backlight or inverter fails, the screen image 
will go very, very dark. 


backout plan 

A plan defined ahead of making any 
moves, adds, or changes so that in case 
unforeseen problems arise when the 
change is made, there is a plan to put 
things back as they were before making 
the change. 


backup 

Recovery of data can be provided through 
the use of a backup system. Most backup 
systems provide support for tape devices. 
This provides a reasonably reliable and 
quick mechanism for copying critical data. 
Different backup types (full, incremental, 
or differential) balance media capacity, 
time required to backup, and time 
required to restore. 


backup power generator 

A Standby Power Supply fueled by diesel 
or propane. In the event of a power 
outage, a UPS must provide transitionary 
power, as a backup generator cannot be 
cut-in fast enough. 


barcode label 

A label containing a UPC code. Can be 
affixed to tangible assets for identification 
in an asset management system. 


barcode scanner 

A barcode reader is a handheld or pen- 
shaped device designed to scan barcodes. 
A barcode is a pattern of different sized 
parallel bars, typically representing a 
product number, such as an ISBN, EAN, or 
UPC. The reader uses a sensor mechanism 
(typically either a photo diode, laser, or 
CCD) to read the intensity of light reflected 
back by the barcode. The reader then 
reports the number back to application 
software, which links it to a product 
database. 


baseband update 
Modification of the firmware of a cellular 
modem. 


baseline 

The point from which something varies. A 
configuration baseline is the original or 
recommended settings for a device, while 
a performance baseline is the originally 
measured throughput. 


battery backup 
See UPS. 


BCD 

(Boot Configuration Data) Windows stores 
information about operating systems 
installed on the computer in a boot 
configuration data store, located in 
\boot\bcd on the system partition. The BCD 
can be modified using the bcdedit 
command-line tool or MSCONFIG. 


BD 

(Blu-ray Disc) The latest generation of 
optical disc technology that uses a 405 mm 
blue laser for high density storage, with 
disc capacity of 25 GB per layer. Transfer 
rates are measured in multiples of 36 
MBps. 


biometric devices 

Peripherals used to gather biometric data 
for comparison to data stored in a 
database. 


biometrics 

Identifying features stored as digital data 
can be used to authenticate a user. Typical 
features used include facial pattern, iris, 
retina, or fingerprint pattern, and 
signature recognition. This requires the 
relevant scanning device, such as a 
fingerprint reader, and a database of 
biometric information (template). 


BIOS 

(Basic Input/Output System) Firmware that 
contains programs and information 
relating to the basic operation of PC 
components such as drives, keyboard, 
video display, and ports. It also contains 
specific routines to allow set-up 
configuration to be viewed and edited and 
it contains the self-diagnostic Power-On 
Self-Test (POST) program used to detect 
fundamental faults in PC components. 
BIOS can also be used to secure 
components not protected by the OS by 
specifying a supervisor password (to 
prevent tampering with BIOS settings) and 
a user password (to boot the PC). 


BIOS setup 

(Basic Input/Output System setup) Another 
name for the setup program used to 
configure system firmware settings. Also 
known as CMOS setup or UEFI setup. 


bitmap image data 
A pixel-by-pixel image sent to a printer to 
print a file. 


blacklisting 
An address added to the black list is 
prohibited from connecting to any port. 


blackout 
A complete loss of electrical power. 


blanking plate 

Metal strips that cover unused adapter 
slots in the case so that proper air flow is 
maintained within the system case. 


blaster 
See IR. 


BLE 

(Bluetooth Low Energy) A radio-based 
technology designed for small battery- 
powered devices that transmit small 
amounts of data infrequently. BLE is not 
backwards-compatible with "classic" 
Bluetooth, though a device can support 
both standards simultaneously. 


Blu-ray drive 

An optical drive for reading, and if so 
equipped, writing to Blu-ray disc media. 
Most drives can also read CD and DVD 
discs. 


Bluetooth 

Short-range radio-based technology, 
working at up to 10 m (30 feet) at up to 1 
Mbps used to connect peripherals (such as 
mice, keyboards, and printers) and for 
communication between two devices (such 
as a laptop and smartphone). 


bookmark 
A record of a website or web page that you 
visited. 


Boolean values 

Data type supporting 1-bit storage, 
representing FALSE and TRUE. Boolean 
logic is a statement that resolves to a true 
or false condition and underpins the 
branching and looping features of 
computer code. 


boot device priority 
See boot sequence. 


boot partition 

In Microsoft terminology, the partition that 
contains the operating system (that is, the 
\WINDOWS folder) is referred to as the 
boot partition. This is typically a different 
partition to the system partition (the 
partition containing the boot files). 


boot sector 
See Volume Boot Record (VBR). 


boot sequence 
The order in which the system firmware 
searches devices for a boot manager. 


botnet 

A network of computers that have been 
compromised by Trojan, rootkit, or worm 
malware. Providing the botnet can also 
subvert any firewalls between the 
controller (or herder) and the 
compromised computers (zombies), so 
that they can be remotely controlled and 
monitored using covert channels. 


branch 

Used to control the flow within a computer 
program or script, usually based on some 
type of logic condition. Often implemented 
with If or Goto statements. 


BRI 

(Basic Rate Interface) A class of ISDN 
service that provides two 64 Kbps (B 
channels) for data and one 16 Kbps (D 
channel) for link management control 
signals. 


bridge 

A bridge can be used to divide an 
overloaded network into separate 
segments. Intrasegment traffic (traffic 
between devices on the same segment) 
remains within this segment and cannot 
affect the other segments. A bridge works 
most efficiently if the amount of 
intersegment traffic (traffic between 
devices on different segments) is kept low. 
Segments on either side of a bridge are in 
separate collision domains but the same 
broadcast domain. The function of bridges 
is now typically performed by switches. 


broadband 

The technical meaning of broadband is a 
transmission that divides the available 
media bandwidth into a number of 
transmission paths or channels. WAN 
signaling generally uses this form of 
transmission and consequently the term is 
used generally to refer to 2 MBps+ 
Internet links such as DSL or cable. 


broadcast address 

A packet sent to all hosts on the local 
network (or subnet). Routers do not 
ordinarily forward broadcast traffic. The 
broadcast address of IP is one where the 
host bits are all set to 1; at the MAC layer, 
it is the address ff:ff:ff:ff:ff:ff. 


brownout 

A brownout occurs when the power that is 
supplied by the electrical wall socket is 
insufficient to allow the computer to 
function correctly. Brownouts are long 
sags in power output that are often caused 
by overloaded or faulty mains distribution 
circuits or by a failure in the supply route 
from electrical power station to a building. 


BSOD 

(Blue Screen of Death) A condition that 
indicates an error from which the system 
cannot recover (also called a stop error). 
Blue screens are usually caused by bad 
driver software or hardware faults 
(memory or disk). 


BSSID 
(Basic Service Set Identifier) The MAC 
address of the access point. 


Bubblejet 

The term used by the Canon company to 
refer to their thermal inkjet print 
method. 


burning 

In optical discs, the process of using a 
special laser used to transform the dye to 
mimic the pits and lands of a premastered 
CD. 


bus 

Buses are the connections between 
components on the motherboard and 
peripheral devices attached to the 
computer. Buses are available in industry 
standard formats, each with its own 
advantages and disadvantages. The 
standard functions of a bus are to provide 
data sharing, memory addressing, power 
supply, and timing. Common bus types 
include PCI, PCI Express, and USB. 


bus mastering 

Feature of a bus allowing devices to 
communicate with one another without 
going through the CPU. Bus mastering is 
supported by most bus types, including 
PCI, SCSI, and ATA (in "Ultra DMA" modes). 


BYOD 

(Bring Your Own Device) Security 
framework and tools to facilitate use of 
personally owned devices to access 
corporate networks and data. 


CA 

(Certificate Authority) A server that can 
issue digital certificates and the associated 
public/private key pairs. 


CAB 

(Change Advisory Board) In change 
management, the team responsible for 
approving or denying RFCs. 


CAC 

(Common Access Card) An identity and 
authentication smart card produced for 
Department of Defense employees and 
contractors in response to a Homeland 
Security Directive. 


cache 

A small block of high-speed memory that 
enhances performance by pre-loading 
(caching) code and data from relatively 
slow system memory and passing it to the 
CPU on demand. 


CAD 

(Computer-Aided Design) Software that 
makes technical drawings and schematics 
easier to produce and revise. 


CAL 

(Client Access Licenses) Licenses required 
for clients accessing software services 
from a server, purchased per server (with 
a limited number of simultaneous users) 
or per seat (specifying each unique device 
or user). 


calibration (printer) 
The process by which the printer 
determines the appropriate print density 
or color balance, or how much toner to 
use. 


CAM 

(Computer Aided Manufacturing) Software 
that can control machine tools found in 
manufacturing environments. 


CAM 
(Content Addressable Memory) See MAC 
address table. 


CAN 
(Campus area network) A network that 
spans multiple nearby buildings. 


capacitor 

An electrical component that stores 
electrical energy and is often used to 
regulate voltages. It can hold a charge 
after the power is removed. 


capacity 
The amount of space available on storage 
media. 


CATV 

(Cable Access TV) Access to television 
stations over a coaxial cable connected to 
a TV, set-top box, or computer. 


CCD 

(Charge Coupled Device) A type of 
microchip widely used as a digital image 
sensor. Each element in a CCD converts 
light captured by a photodiode into a 
proportional electric charge, which is then 
amplified, sampled, and stored as a digital 
value. The number of elements 
determines the resolution. 


CCFL 

(Cold Cathode Fluorescent Lamp) A type of 
lamp providing a bright, clear light source. 
CCFLs are used for LCD backlights and 
scanners. 


CD drive 

An optical drive consisting of a spindle 
motor to spin the disc, a laser and lens to 
read the disc, and a tracking system to 
move the laser and lens assembly. 


CD-R 
Compact disks containing a layer with 
photosensitive dye in which a laser 
transforms the dye to mimic the pits and 
lands of a premastered CD. 


CD-ROM 

(Compact Disc - Read Only Memory) An 
optical storage technology. The discs can 
normally hold 700 MB of data or 80 
minutes of audio data. Recordable and re- 
writable CDs (and DVDs) are a popular 
backup solution for home users. They are 
also useful for archiving material. Unlike 
magnetic media, the data on the disc 
cannot be changed (assuming that the disc 
is closed to prevent further rewriting in the 
case of RW media). This makes them 
useful for preserving tamper-proof 
records. 


CD-RW 

Compact disks containing a heat sensitive 
compound whose properties can be 
changed between crystalline and 
amorphous by a special laser. 


CDMA 

(Code Division Multiple Access) Method of 
multiplexing a communications channel 
using a code to key the modulation of a 
particular signal. CDMA is associated with 
Sprint and Verizon cellular phone 
networks. 


cellular data 

Connecting to the Internet via the device's 
cell phone radio and the handset's cellular 
network provider. 


cellular radio 

A component in a mobile device that is 
capable of switching frequencies 
automatically when moving between 
network cells without losing the 
connection. 


chain of custody 

Documentation attached to evidence from 
a crime scene detailing when, where, and 
how it was collected, where it has been 
stored, and who has handled it 
subsequently to collection. 


challenge question 

Questions asked, usually through software 
but sometimes from a help desk staff 
member, that only the end-user can 
answer. A feature of multifactor 
authentication or for account recovery. 


change management 

A means of putting policies in place to 
reduce the risk that changes to 
information and communications 
technology infrastructure components 
could cause service disruption. 


channels 

Paths between PATA drives and 
motherboard, called IDE1 and IDE2, or 
primary (PRI IDE) and secondary (SEC IDE). 


character 
Data type supporting storage of a single 
character. 


charms 

Commands displayed in a vertical bar on 
the right side of a Windows 8 Start Screen. 
The commands are Search, Share, Start, 
Devices, and Settings. 


chassis 
See system case. 


Child account 

A Microsoft Windows user account that is 
a standard user account with the Family 
Safety Settings enabled. 


chip creep 
Cards can work free from a slot over time, 
though this is not common. 


chipset 

The chipset provides communications 
between different components by 
implementing various controllers (for 
memory, graphics, I/O, and so on). 
Historically, "fast" controllers (memory and 
video) were part of a "northbridge" 
chipset, placed close to the CPU and 
system memory. Slower buses were part 
of a "southbridge" chipset. In modern PC 
architecture, video and memory 
controllers are part of the CPU (on-die), 
the northbridge would mostly handle PCI 
Express adapters, and the southbridge 
would host SATA, USB, audio and LAN 
functions, plus PCI/PATA legacy bus 
support. 


Chrome OS 

Chrome OS is derived from Linux, via an 
open source OS called Chromium. Chrome 
OS itself is proprietary. Chrome OS is 
developed by Google to run on specific 
laptop (chromebooks) and PC 
(chromeboxes) hardware. 


CI 

(configuration item) In change 
management, an asset that requires 
specific management procedures for it to 
be used to deliver the service. Each CI is 
identified with a label and defined by its 
attributes and stored in a CMDB. 


CIFS 
(Common Internet File System) Another 
term for SMB. 


CIRT/CSIRT 

(Cyber Incident Response Team/Computer 
Security Incident Response Team) Team 
with responsibility for incident response. 
The CIRT must have expertise across a 
number of business domains (IT, HR, legal, 
and marketing, for instance). 


CIS 

(Contact Image Sensor) A type of digital 
imaging sensor. An array of LEDs strobing 
between red, blue, and green light are 
used to illuminate an object. The reflected 
light is captured through a lens onto an 
image sensor. 


clean install 

Installing the OS to a new computer or 
completely replacing the OS software on 
an existing computer, and in the process, 
deleting existing applications, user 
settings, and data files. 


cleaning blade 
See cleaning unit. 


cleaning unit 

Parts such as a blade, roller, or brush that 
rest on the surface of a laser printer's 
photosensitive drum that are used to 
clean excess toner and remove residual 
charge from the photoconductor. 


CLI 

(Command Line Interface) A textual 
interface based on the operating system, 
where a user typically enters commands at 
the command prompt to instruct the 
computer to perform a specific task. 


client-side virtualization 

Any solution designed to run on desktops 
or workstations in which the user interacts 
with the virtualization host directly. 


clock battery 
See RTC battery. 


closed network 

A network where the elements of the 
network are all known to the system 
vendor and there is no connectivity to 
wider computer data networks. 


cloud computing 

Any environment where software 
(Software as a Service and Platform as a 
Service) or computer/network resources 
(Infrastructure as a Service and Network as 
a Service) are provided to an end user who 
has no knowledge of or responsibility for 
how the service is provided. Cloud services 
provide elasticity of resources and pay- 
per-use charging models. Cloud access 
arrangements can be public, hosted 
private, or private (this type of cloud could 
be onsite or offsite relative to the other 
business units). 


cloud-based network controller 

A cloud-based management system that 
enables registering and monitoring all of 
the organization's networks, clients, and 
servers. 


clusters 

Disk sectors are grouped in clusters of 2, 4, 
6, 8, or more. The smaller the cluster size, 
the lower the data overhead in terms of 
wasted space, but larger clusters can 
improve performance. 


CMDB 

(Configuration Management Database) In 
change management, the database in 
which configuration items are stored, 
identified using a label and defined by 
their attributes. 


CMOS 

(complementary metal oxide 
semiconductor) A type of integrated circuit 
with a wide range of applications, 
including static RAM (for firmware and 
flash memory) and imaging sensors. 


CMOS battery 

(complementary metal oxide 
semiconductor battery) A battery designed 
to last 5 to 10 years to maintain CMOS 
settings. 


CMOS setup 

(complementary metal oxide 
semiconductor setup) Another name for 
the setup program used to configure 
system firmware settings. Also known as 
BIOS setup or UEFI setup. 


CMP 
(chip-level multiprocessing) Multiple 
processors combined on the same die. 


CMS 

(Configuration Management System) The 
tools and databases that collect, store, 
manage, update, and present information 
about CIs. 


CMTS 

(Cable Modem Termination System) 
Equipment used by cable companies to 
allow computers to send and receive IP 
packets by inserting the packets into MPEG 
frames over an RF signal and reverses the 
process for data coming from a cable 
modem. 


CMYK Color Model 

(Cyan Magenta Yellow Key [Black] color 
model) Subtractive color model used by 
print devices. CMYK printing involves use 
of halftone screens. Four screens (or 
layers) of dots printed in each of the colors 
are overlaid. The size and density of the 
dots on each layer produces different 
shades of color and is viewed as a 
continuous tone image. 


coaxial cable 

Cable type using two separate conductors 
that share a common axis (hence the term 
co-axial). Coax cables are categorized 
using the Radio Grade (RG) "standard". 
Coax is considered obsolete in terms of 
LAN applications but is still widely used for 
CCTV networks and as drop cables for 
cable TV (CATV). 


collated 

A print job where all pages of the first copy 
are printed, followed by all pages of the 
next copy. 


collision domain 
The network segment in which contention 
collisions occur. 


color calibration 

The process of adjusting display and 
scanner settings so that color input and 
output are balanced. 


color depth 

Each pixel in a digital image can be one of 
a number of colors. The range of colors 
available for each pixel is referred to as 
the color depth. Providing a greater range 
of colors requires more memory. If 1-bit is 
allowed for color depth, two colors (white 
and black) are allowed. A VGA video 
system supports 4-bit color (16 possible 
colors). SVGA supports 8-bit (256 colors), 
16-bit (65,536 colors), 24-bit (16,777,216 
colors), and 32-bit (deep color). 


COM port 

(communications port) Windows' 
representation of a computer's serial 
port(s), numbered sequentially (COM1, 
COM2...). 


COM+ 

(Component Object Model plus) 
Microsoft's object-oriented programming 
architecture and operating system services 
for developing applications. See also 
Component Services. 


command interpreter 

The portion of an operating system or 
script language that is able to read and 
implement commands entered by a user 
or from a script file. 


command mode 

In Linux vi editor, the mode that allows 
users to perform different editing actions 
using single keystrokes. 


comparison operator 

A relationship evaluation between two 
variables to determine whether they are 
equal, not equal, less than, greater than, 
less than or equal to, or greater than or 
equal to each other. 


compiled program 

An instruction set in which the 
programming instructions are performed 
by the computer processor. 


Component Object Model 
(COM) Microsoft's object-oriented 
programming model specification. 


Component Services 

Windows applications use various 
component (COM) models and APIs to 
share data. Component Services in 
Administrative Tools allows configuration 
of component servers. 


compressed air blaster 

A can of air packaged under pressure that 
is used to remove dust and debris from 
inside printers and other computing 
devices. 


conductor 

A material that is good at conducting 
electricity, such as gold, copper, or tin. 
These are used for wires and contacts. 


confidentiality 

The fundamental security goal of keeping 
information and communications private 
and protecting them from unauthorized 
access. 


configuration baseline 
The original or recommended settings for 
a device. 


configuration management 

A means of identifying all components of 
the information and communications 
technology infrastructure, including 
hardware, software, and procedures, and 
the properties of those items. 


connections 

The physical access points that enable a 
computer to communicate with internal or 
external devices. 


constant 
Identifier for a value that is fixed before 
program execution and does not change. 


contact 

A record with fields for name, address, 
email address(es), phone numbers, notes, 
and other information related to the entity 
defined in the record. 


container virtualization 
A virtualization method that doesn't use a 
hypervisor and instead enforces resource 
separation at the operating system level with 
isolated containers for each user instance 
to run in with its own allocated CPU and 
memory resources, but all processes are 
run through the native OS kernel. 


contention 

A media access method in which nodes 
compete or cooperate among themselves 
for media access time. Also called 
competitive media access. 


contrast ratio 

A measure of the ratio of luminance 
(brightness) of whites to blacks, indicating 
the color performance of a display or 
scanner. A device supporting a higher 
contrast ratio is able to display a wider 
range of colors and deliver "true" black. 


Control Center 

An iOS feature that is accessed by swiping 
up from the bottom of the display to 
access iOS feature settings. 


Control Panel 

Management interface for configuring 
Windows settings. In Windows 8 and later, 
the touch-enabled app PC Settings/ 
Windows Settings is used for many options 
previously configured via Control Panel. 


core clock speed 
The speed at which the CPU runs internal 
processes and accesses L1 and L2 cache. 


corona 
An assembly within a laser printer that 
contains a wire (the corona wire), which is 
responsible for charging the paper. 


corporate mail gateway 

A connection between mail servers that 
use different communications protocols or 
between two networks that use the same 
or different protocols. 


counter logs 

Windows log files that allow you to collect 
statistics about resources and can be used 
to determine system health and 
performance. 


cover 
The removable portion of the system case 
that allows access to the motherboard and 
internal components. 


CPU 

(Central Processing Unit) The principal 
microprocessor in a computer or 
smartphone responsible for running 
operating system and applications 
software. 


CPU form factor 

(central processing unit form factor) The 
size, shape, and connection method of the 
CPU. 


critical update 
A widely released, non-security update to 
fix a critical issue. 


CRM 

(Customer Relationship Management) 
Software designed to manage an 
organization's customer (and potential 
customer) relationships and interactions. 


cron 
A Linux/Unix daemon that runs in the 
background and executes specified tasks 
at a designated time or date. 


cron table 

The file (crontab) in Linux that contains 
instructions defining the tasks to be 
executed by a cron. 


crossover cable 
A twisted pair cable wired as T568A on one 
end and as T568B on the other end. 


cryptographic hash 
A hashed value from which it is impossible 
to recover the original data. 


csv 

(Comma Separated Values) A file format in 
which data is stored using commas or 
another character to separate fields in the 
data. Typically, data has been exported 
from a spreadsheet or a database. 


cultural sensitivity 
Being aware of customs and habits used 
by other people. 


current 
The actual flow of electrons, measured in 
Amps (I).


current working directory
In Linux, the location on the file system 
that you are accessing at any point in time. 


cyber warfare 

The use of IT services and devices to 
disrupt national, state, or organization 
activities, especially when used for military 
purposes. 


cylinder 
The aggregate of all tracks that reside in 
the same location on every disk surface. 


DAC 

(Digital-to-Analog Converter) A sound card 
component that converts the digital 
signals generated by the CPU to an analog 
electrical signal that can drive the 
speakers. 


data backup 

A system maintenance task that enables 
you to store copies of critical data for 
safekeeping as protection against loss of 
data due to disasters such as file 
corruption or hardware failure. 


Data Collector Sets 
Windows log files that record information 
for viewing in real time or at a later date. 


data restoration 
A system recovery task that enables you to
access and restore the backed-up data. 


Data Sources 

Windows applications can import data 
from various data sources. The links to 
different data files and database drivers 
can be configured from Administrative 
Tools. 


data transmission overlimit 

When apps, especially malware or rogue 
apps, trying to collect data in the 
background use excessive amounts of 
data on a mobile device. 


data type 

The way the data is intended to be used in 
a program such as character or string, 
integer, real number, logical, or Boolean. 


daughter board 
A circuit board that connects to the 
motherboard to provide extra expansion
slots or connectors. Typically, these are
used in slimline case designs so that 
adapter cards can be installed parallel to 
the motherboard, reducing the height of 
the case. 


DB-9 

Although the original serial port used a
25-pin male D connector, most PCs today use
a male DB-9 (9-pin) port. (See also serial 
port.) 


DC 

(direct current) PCs and most computer 
components function by using power 
supplied in the form of direct current. This 
is normally at low voltage and is produced 
by stepping down the voltage from the 
building supply. Direct current, unlike 
alternating current, does not oscillate 
between positive and negative states. 


DCOM 

(Distributed COM) Microsoft's interface 
that allows a client program object to 
request services from server program 
objects. 


DDoS 

(Distributed Denial of Service) A DoS attack 
that uses multiple compromised 
computers (a "botnet" of "zombies") to 
launch the attack. 


DDR SDRAM 

(Double Data Rate Synchronous Dynamic 
Random Access Memory) A standard for 
SDRAM where data is transferred twice per 
clock cycle (making the maximum data
rate 64x the bus speed in bps). DDR2/
DDR3/DDR4 SDRAM uses lower voltage 
chips and higher bus speeds. 


declared variable 

A variable for which the data type, possibly 
the size, and optionally an initial value 
have been specified within the script or 
program file. 


default gateway 

The default gateway is an IP configuration 
parameter that identifies the location of a 
router on the local subnet that the host 
can use to contact other networks.


default mask

In the early days of IP addressing, the 
network ID was determined automatically 
from the first octet of the address. When 
subnet masks were introduced, the 
"default" masks (255.0.0.0, 255.255.0.0, 
and 255.255.255.0) that corresponded to 
treating the first octet as classful were 
commonly described as "class A", "class B", 
and "class C" masks. The Internet no 
longer uses classful addressing but many 
LANs use the private IP address ranges 
and the default masks. 


defense in depth 

Configuring security controls on hosts 
(endpoints) as well as providing network 
(perimeter) security, physical security, and 
administrative controls. 


defragmentation 
See disk defragmentation. 


degaussing 

Exposing the disk to a powerful 
electromagnet to disrupt the magnetic 
pattern that stores data on the disk 
surface. 


desktop 

The desktop is at the top of the object 
hierarchy in Explorer, containing the 
Computer, Documents, Network, and 
Recycle Bin objects. The desktop also 
stores shortcuts to programs, files, and 
system objects. 


desktop computer 
A computing device designed to be placed 
on or near a user's desk. 


desktop style 

Computers designed for stationary use 
come in various styles including tower, 
slimline, and all-in-one. 


detac corona 
A strip that removes the charge to prevent 
paper curl in a laser printer. 


developer roller 

A magnetized roller to which toner 
adheres during the printing process. See 
also developer unit. 


developer unit 

Assembly that applies toner to areas of the 
photoconductor where charge has been 
removed by the laser. The main 
components are a toner hopper, transfer 
roller, waste toner hopper, a screw or 
blade to stir the toner, and a doctor blade 
to ensure the correct level of toner on the 
developer roller. 


device driver 

A small piece of code that is loaded during
the boot sequence of an operating system. 
This code, usually provided by the 
hardware vendor, provides access to a 
device, or hardware, from the OS kernel. 
Under Windows, a signing system is in 
place for drivers to ensure that they do not 
make the OS unstable. 


DHCP Server 

(Dynamic Host Configuration Protocol 
server) A networking service that allows a 
client to request an appropriate IP 
configuration from a server. The server is 
configured with a range of addresses to 
lease. Hosts can be allocated an IP address 
dynamically or be assigned a reserved IP 
address, based on the host's MAC address. 
The server can also provide other 
configuration information, such as the 
location of DNS servers. DHCP utilizes UDP 
ports 67 and 68. It is important to monitor 
the network to ensure that only valid 
DHCP servers are running on the network. 


diagram 

A drawing that captures the relationships
between network elements and identifies
the location of items on the network.


dial-up 

A remote network access method that 
utilizes the local telephone line (Plain Old 
Telephone System [POTS]) to establish a 
connection between two computers fitted 
with modems. Dial-up is a legacy method 
of Internet access. It may still be deployed 
for special administrative purposes or as 
an emergency backup connection method. 
Configuration is generally a case of setting 
the telephone number, username, and 
password.


die

The area on a silicon chip containing
millions of transistors and signal pathways
created by the doping process.


digital assistant 
A voice interface designed to respond to 
natural language commands and queries. 


digital camera 

A version of a 35mm film camera where
the film is replaced by light-sensitive 
diodes (an array of CCDs [Charge Coupled 
Devices]) and electronic storage media 
(typically a flash memory card). The 
sensitivity of the array determines the 
maximum resolution of the image, 
measured in megapixels. 


digital certificate 

An X.509 digital certificate is issued by a 
Certificate Authority (CA) as a guarantee 
that a public key it has issued to an 
organization to encrypt messages sent to it 
genuinely belongs to that organization. 
Both parties must trust the CA. The public 
key can be used to encrypt messages but 
not to decrypt them. A message can only 
be decrypted by the private key, which is 
mathematically linked to the public key but 
not derivable from it. This is referred to as 
asymmetric encryption. Part of the CA's 
responsibility is ensuring that this private 
key is known only to the organization 
owning the certificate. This arrangement is
referred to as a Public Key Infrastructure
(PKI).


digital display 

A computer monitor that accepts a digital 
signal. Flat-panel monitors use digital 
signals and only support lower resolutions 
by interpolating the image, which can 
make it appear fuzzy. 


digitizer 

As part of a touchscreen assembly, the 
digitizer is a touch-sensitive glass panel 
covering the LCD. The panel converts 
touch events to digital signals that can be 
interpreted as different types of input. 


dim display 

When a mobile device has the
backlight set to its lowest setting and the
automatic light adjustment is disabled, or
the phone is set to conserve power by
auto-dimming the light.


DIMM 

(Dual In-line Memory Module) The 
standard packaging for system memory. 
There are different pin configurations for 
different RAM types (DDR SDRAM [184], 
DDR2/3 SDRAM [240], and DDR4 SDRAM 
[288]). 


diode 

A valve, allowing current to flow in one 
direction only. These are used in a
computer's power supply and as 
protection for components. 


direct thermal printer 

A thermal printer that uses heated pins to 
form images directly onto specially coated 
thermal paper. 


Disaster Recovery Plan 

A documented and resourced plan 
showing actions and responsibilities to be 
used in response to critical incidents. The 
recovery plan may also provide for 
practice exercises or drills for testing and 
to familiarize staff with procedures. As well 
as facilitating a smooth transition in the 
event of disaster, plans must stress the 
importance of maintaining secure systems. 


disk defragmentation 

Fragmentation occurs when a data file is 
not saved to contiguous sectors on a disk. 
This decreases performance by making the 
disk read/write heads move between 
fragments. Defragmentation is a software 
routine that compacts files back into 
contiguous areas of the disk. The process 
can be run from a command-line using the 
defrag utility, but it is more often run from 
Windows. 


disk mirroring 
See mirroring. 


disk striping 

A disk array access pattern where data is 
written in stripes to two or more disks 
sequentially, improving performance. Note 
that a RAID 0 striped volume provides no
redundancy, and if any of the physical 
disks in the set fails, the whole volume will 
be lost.


disk thrashing

A state in which the main memory is filled 
up, pages are swapped in and out of 
virtual memory—which needs to be 
written to the hard disk—in rapid 
succession, leading to possible early drive 
failure. 


disk wiping 

Using software to ensure that old data is 
destroyed by writing to each location on 
the media, either using zeroes or in a
random pattern. This leaves the disk in a 
"clean" state ready to be passed to the 
new owner. 


DisplayPort 

Digital A/V interface developed by VESA. 
DisplayPort supports some
cross-compatibility with DVI and HDMI devices.


distended capacitors 

Capacitors that are swollen or bulging or
emitting residue, indicating that they have
been damaged or could have failed due to
a manufacturing defect.


distinguished name 
A unique identifier for any given resource 
within the LDAP directory. 


distribution 

A complete Linux implementation, 
including kernel, shell, applications, and 
utilities, that is packaged, distributed, and 
supported by a software vendor. 


distribution frame 
A device that terminates cables and 
enables connections with other devices. 


distro 
See distribution. 


DLP (loss prevention) 

(Data Loss/Leakage Prevention) Software
that can identify data that has been 
classified and apply "fine-grained" user 
privileges to it (preventing copying it or 
forwarding by email, for instance). 


DLP (video) 

(Digital Light Processing) Mirror-based 
projector technology developed by Texas 
Instruments. 


DMZ 

(Demilitarized Zone) A private network 
connected to the Internet must be 
protected against intrusion from the 
Internet. However, certain services may 
need to be made publicly accessible from 
the Internet (web and email, for instance). 
One solution is to put such servers in a
DMZ. The idea of a DMZ is that traffic 
cannot pass through it. If communication 
is required between hosts on either side of 
a DMZ, a host within the DMZ acts as a 
proxy. It takes the request and checks it. If 
the request is valid, it re-transmits it to the 
destination. External hosts have no idea 
about what (if anything) is behind the 
DMZ. A DMZ is implemented using either 
two firewalls (screened subnet) or a single 
three-legged firewall (one with three 
network ports). 


DNS 

(Domain Name System) A network service 
that provides names to IP address 
mapping services on the Internet and large 
intranets. DNS name servers host the 
database for domains for which they are 
authoritative. Root servers hold details of 
the top-level domains. DNS resolvers 
perform queries or lookups to service 
client requests. The DNS protocol utilizes 
TCP/UDP port 53. 


dock 

macOS feature for managing applications 
from the desktop, similar to the Windows 
taskbar. 


docking station 

A sophisticated type of port replicator 
designed to provide additional ports (such 
as network or USB) and functionality (such 
as expansion slots and drives) to a 
portable computer when used at a desk. 


DOCSIS 

(Data Over Cable Service Interface 
Specification) A global telecommunications 
standard that enables data to be sent over 
cable modems in a CATV system. 


domain controller 

Any Windows-based server that provides 
domain authentication services (logon 
services) is referred to as a domain 
controller (DC). Domain controllers 
maintain a master copy of the database of
network resources. 


domain name 

The unique and officially registered name 
that identifies a company, organization, or 
individual. 


domain network 

A group of computers which share a 
common accounts database, referred to as 
the directory. 


domain user account 

In a corporate environment, an account 
that is part of a domain, so the user 
account settings are controlled by the 
domain administrator. 


DoS 

(Denial of Service) A network attack that 
aims to disrupt a service, usually by 
overloading it. 


dot matrix printer 

A type of impact printer that uses a set of 
pins to strike the ribbon to create printed 
characters and images using combinations 
of dots. 


dotted decimal notation 
32 bit addresses displayed in human 
readable format using base-10 numbering. 


DRAM 

(Dynamic Random Access Memory) A type 
of volatile memory that stores each bit of 
data as a charge within a single transistor. 
Each transistor must be refreshed 
periodically. Standard DRAM is the lowest 
common denominator of the DRAM types. 
Modern PCs use a DRAM derivative to 
store data (Double Data Rate SDRAM). 


drive controller 

The controller is the circuitry in the disk 
unit that allows it to put data on the bus, 
which the HBA shuttles to the CPU or RAM. 


drive enclosure 

An external case that holds one or more 
disks and typically connects to the 
computer through USB or Thunderbolt 
ports. 


drive encryption 

The entire contents of the drive (or 
volume), including system files and folders, 
are encrypted. 


driver 

Software that creates an interface 
between a device and the operating 
system. It may also include tools for 
configuring and optimizing the device. 


DRM 

(Digital Rights Management) Copyright 
protection technologies for digital media. 
DRM solutions usually try to restrict the 
number of devices allowed for playback of 
a licensed digital file, such as a music track 
or ebook. 


drop cable 
Solid cables used for permanent links such 
as cable running through walls. 


DSL 

(Digital Subscriber Line) A technology for 
transferring data over voice-grade 
telephone lines. DSL uses the higher 
frequencies available in a copper 
telephone line as a communications 
channel. The use of a filter prevents this 
from contaminating voice traffic with 
noise. There are various "flavors" of DSL, 
notably S(ymmetric)DSL, A(symmetric)DSL, 
and V(ery High Bit Rate)DSL.


DSLAM 

(DSL Access Multiplier) A network device at 
the telecommunications central office that 
connects subscribers with the Internet. 


DSLR 

(Digital Single Lens Reflex) A digital camera 
that replicates the features of compact 
35mm film cameras, preserving the 
traditional viewfinder method of picture 
composition and supporting replaceable 
lenses and manual adjustments. 


DSP chip 

(Digital Signal Processor chip) The basis of 
a sound card containing one or more 
DACs. It also provides functions for playing 
digital sound (synthesis) and driving MIDI 
compatible devices. 


DTLS 

(Datagram Transport Layer Security) TLS 
used with UDP applications, such as some 
VPN solutions. 


DTP 

(Desktop Publishing) An application similar 
to word processing but with more 
emphasis on the formatting and layout of 
documents than on editing the text. 


dual heat pipe 
Two heat pipe tubes to provide better 
cooling. 


dual rail 
A power supply with two +12 V rails. 


dual-channel memory 

Memory controller with two pathways 
through the bus to the CPU so that 128 
bits of data can be transferred per 
transaction. 


dumpster diving 

A social engineering technique of 
discovering things about an organization 
(or person) based on what it throws away. 


duplexing assembly 
A device that enables a printer or scanner 
to use both sides of a page automatically. 


DVD 

(Digital Video/Versatile Disk) An optical 
storage technology. DVDs offer higher 
capacities (4.7 GB per layer) than the 
preceding CD-ROM format. As with CDs, 
recordable and re-writable forms of DVD 
exist, though there are numerous 
competing formats (notably +R and +RW 
and DVD-RAM). 


DVD drive 

An optical drive similar to a CD drive, but 
with a different encoding method and a
shorter wavelength laser. Typically can 
read and burn CD and DVD media. 


DVI 

(Digital Video Interface) A video adapter 
designed to replace the VGA port used by 
CRT monitors. The DVI interface supports 
digital only or digital and analog signaling. 


dye sublimation printer 
See thermal dye transfer printer. 


e-ink 

(electrophoretic ink) Micro-encapsulated 
black and white particles, electronically 
manipulated to create images and text on 
an e-reader. 


e-magazine 

A digital magazine that can be read on an 
electronic device such as an e-reader, 
smartphone, tablet, or computer. 


e-newspaper 
A digital newspaper that can be read on an 
electronic device such as an e-reader, 
smartphone, tablet, or computer. 


e-reader 
A tablet-sized device designed for reading 
rather than general-purpose computing. 


EAP 

(Extensible Authentication Protocol) 
Framework for negotiating authentication 
methods, supporting a range of 
authentication devices. EAP-TLS uses PKI 
certificates, Protected EAP (PEAP) creates a 
TLS-protected tunnel between the 
supplicant and authenticator to secure the 
user authentication method, and 
Lightweight EAP (LEAP) is a
password-based mechanism used by Cisco.


EAPoL 
(Extensible Authentication Protocol over 
LAN) Another term for EAP. See EAP. 


early-life failure rate 
A method of calculating how quickly a 
device will fail through accelerated testing. 


EAS 

(Exchange ActiveSync) Microsoft's 
synchronization protocol that enables 
mobile devices to connect to an Exchange 
Server to access mail, calendar, and 
contacts. 


eavesdropping 

Some transmission media are susceptible 
to eavesdropping (listening in to 
communications sent over the media). To 
secure transmissions, they must be 
encrypted.


ebook

A digital book that can be read on an 
electronic device such as an e-reader, 
smartphone, tablet, or computer. 


ECC 

(Error Checking and Correcting [or Error 
Correcting Code]) System memory (RAM) 
with built-in error correction security. It is 
more expensive than normal memory and 
requires motherboard support. It is 
typically only used in servers. 


EDR 

(Enhanced Data Rate) An option in the 
Bluetooth specification that allows faster 
data rates and potentially better battery 
life. 


effective group ID 

In Linux, the group ID used by the kernel in 
determining the group permissions a 
process has when accessing files and 
shared resources. 


EFS 

(Encrypting File System) Under NTFS, files 
and folders can be encrypted to ensure 
privacy of the data. Only the user who 
encrypted the file can subsequently open 
it. 


EIR database 

(Equipment Identity Register database) A 
database where IMEI numbers are stored. 
A lost or stolen device IMEI is marked as 
invalid. 


Electrostatic discharge 
See ESD. 


electrostatic latent image 
Representation of the image to be printed 
created as a series of raster lines with
charge/no-charge areas. 


email filtering 

Techniques to prevent a user being 
overwhelmed with spam (junk email). 
Spam can be blocked from reaching an 
organization using a mail gateway to filter 
messages. At the user level, software can 
redirect spam to a junk folder (or similar). 
Anti-spam filtering needs to balance 
blocking illegitimate traffic with permitting 
legitimate messages. Anti-spam
techniques can also use lists of known
spam servers (blacklists). 


embedded system 

A computer system that is designed to 
perform a specific, dedicated function, 
such as a microcontroller in a medical drip 
or components in a control system 
managing a water treatment plant. 


EMF 

(Enhanced MetaFile) When using EMF, the 
software application and GDI quickly 
produce a partial print job. Control is then 
released back to the user while spooling 
continues in the background (GDI and the 
print driver are called to complete the 
processing of the job). 


enclosure 

A container with its own air filters and fans 
to protect computers or other devices in 
dirty or dusty environments. 


encryption 

Scrambling the characters used in a
message so that the message can be seen 
but not understood or modified unless it 
can be deciphered. Encryption provides for 
a secure means of transmitting data and 
authenticating users. It is also used to 
store data securely. Encryption uses 
different types of cipher and one or more 
keys. The size of the key is one factor in 
determining the strength of the encryption 
product. 


encryption key 

A specific piece of information that is used 
with an algorithm to perform encryption 
and decryption in cryptography. 


end of life system 
A system that is no longer supported by 
the developer or vendor. 


Endpoint Management Server 
Facilitates the defense in depth process by 
identifying computing devices running on 
the network and ensuring that they are 
securely configured. This can include 
applying OS and antivirus updates 
automatically, cataloging software 
applications installed on each device, 
applying security policies, retrieving and 
analyzing log files, and monitoring 
performance and other status alerts.


energy
The amount of power consumed by a
device over time, measured in Watt-hours
(or more typically Kilowatt-hours [kWh]).


entry control roster 
Sign-in sheet for managing access to 
premises. 


environment variable 
A storage location in the environment of 
the operating system's command shell. 


environmental power problems 
Issues affecting power including surges, 
brownouts, and blackouts caused by 
failures in the building power supply. 


EP drum 

(Electrostatic Photographic drum) The 
component in a laser printer that carries 
the electrical charge to attract toner and 
then to transfer the toner to the paper. 


EPD 

(Electronic Paper Display) A low-power 
display using e-ink to create a display that 
mimics the look of text on paper without 
using a backlight or glossy surface. 


EPS specification 

(Entry-level Power Supply specification)
8-pin +12 V connectors developed initially
for server-class hardware.


EPT 
(Extended Page Table) The term used for 
SLAT extensions by Intel. 


erase lamp 
See cleaning unit. 


eSATA 

(external Serial Advanced Technology 
Attachment) An external interface for SATA 
connections, enabling you to connect 
external SATA drives to PCs. 


eSATAp 

A non-standard powered port used by 
some vendors that is compatible with both 
USB and SATA (with an eSATAp cable). 


escape character 

A character used to allow alternate use of 
a reserved character within a particular 
programming language. The escape
characters vary between programming
languages. Often used to allow use of a 
reserved character within a string. 


ESD 

(electrostatic discharge) The release of a 
charge from a metal or plastic surface that 
occurs when a potential difference is 
formed between the charged object and 
an oppositely charged conductive object. 
This electrical discharge can damage 
silicon chips and computer components if 
they are exposed to it. 


Ethernet 

A family of networking technologies that 
provide connectivity by using Ethernet 
network adapters, contention-based 
media access, and twisted pair, coax, or 
fiber media. 


EULA 

(End User License Agreement) The 
agreement governing the installation and 
use of proprietary software. 


evil twin 

In an evil twin attack, the attacker creates a 
malicious wireless access point 
masquerading as a genuine one, enabling 
the attacker to harvest confidential 
information as users connect via the AP. 


Exchange 

Microsoft Exchange is a client-based email 
system that allows mobile devices to sync 
with the server. 


execute 
Carry out the command entered by a user 
or as read from a script file. 


execution control 

Logical security technologies designed to 
prevent malicious software from running 
on a host and establish a security system 
that does not entirely depend on the good 
behavior of individual users. 


exFAT 
A file system designed for flash memory 
cards and memory sticks. 


expansion bus 

The external bus that allows additional 
components to be connected to the 
computer.


expansion cards

A printed circuit board that is installed in a 
slot on a system board to provide special 
functions for customizing or extending a 
computer's capabilities. Also referred to as 
adapter card, I/O card, add-in, add-on, or 
board. 


expansion slots 

Connection slots on the motherboard in 
which adapter cards can be installed to 
extend the range of functions the 
computer can perform. 


Explorer 
See File Explorer. 


Extended Service Set 
Basic service sets can be grouped into an 
extended service set. 


external transfer rate 
A measure of how fast data can be 
transferred to the CPU across the bus. 


extranet 

A network of semi-trusted hosts, typically 
representing business partners, suppliers, 
or customers. Hosts must authenticate to 
join the extranet. 


Face ID 
The Apple device feature that uses face 
lock to grant access to the device. 


face lock 

A biometric authentication mechanism in 
which the hash is computed from a picture 
of the user's face. 


factory default reset 

Setting a mobile device back to the original
factory settings, creating a clean OS,
removing all data and apps, and resetting 
any configuration done by the user. 


Factory Recovery Partition 

Disk partition accessible via the startup 
sequence that contains an image of the 
system partition as produced by the PC 
vendor. This can be used to recover the PC 
to its factory state by performing a repair 
install, but will erase any user data or 
installed programs. 


failed login attempts 

A configurable value that specifies how 
many incorrect login attempts can be used 
before the device is locked for a specified 
length of time. 


Fair Use Policy 
See AUP. 


false negative 
A condition where a system denies entry 
when it should have granted it. 


false positive 
A condition where a system grants entry 
when it should have denied it. 


Family Safety Settings 

A Microsoft Windows setting that helps 
protect children by limiting their access to 
functions and features. 


fast charge 

A general technology for quickly charging 
mobile devices using varying voltages to 
speed up charging times. 


FAT 

(File Allocation Table) A basic disk format 
allowing the OS to write data as files on a 
disk. The original 16-bit version (FAT16, but 
often simply called FAT) was replaced by a 
32-bit version that is almost universally 
supported by different operating systems 
and devices. A 64-bit version (exFAT) was 
introduced with Windows 7 and is also 
supported by XP SP3 and Vista SP1 and 
some versions of Linux and macOS. There 
is also a 12-bit version used to format 
floppy disks. 


FAT16 

(File Allocation Table, 16-bit) The 16-bit file 
system used in the Windows 3.1 and DOS 
operating systems with 128 K sectors that 
only allowed very small partitions (about 
32 MB) with later Windows versions 
employing 512 K sectors allowing for 2 GB 
partitions. 


FAT32 

(File Allocation Table, 32-bit) The 32-bit file 
system that allows approximately 4 GB 
partitions. 


FDE 

(full disk encryption) Encryption of all data 
on a disk (including system files, 
temporary files, and the pagefile) can be 
accomplished via a supported OS, third- 
party software, or at the controller level by 
the disk device itself. Used with a strong 
authentication method, this mitigates 
against data theft in the event that the 
device is lost or stolen. The key used to 
encrypt the disk can either be stored on a 
USB stick or smart card or in a Trusted 
Platform Module. 


FDM 
(fused deposition modeling) See FFF. 


feature updates 

Semi-annual updates to the Windows 
operating system that include enhanced 
features that are installed in multiple 
phases, requiring a reboot after each 
phase of the update installation. Compare 
with quality updates. 


federated identity management 

An agreement between enterprises to 
allow users to authenticate using the same 
information to all networks within the 
agreed upon group. 


feed assembly 

In a thermal printer, a stepper motor turns 
a rubber-coated roller to feed the paper 
through the print mechanism using friction 
feed. 


feed roller 

Roller that works with a separation roller 
or pad to feed just one sheet of paper (or 
other media) into the printer mechanism. 


female port 
A port that has hole connectors. 


FFF 

(fused filament fabrication) A 3D printing 
method which lays down each layer of 
filament at high temperature, and as 
layers are extruded, adjacent layers are 
allowed to cool and bond together before 
additional layers are added to the object. 


filament 

In 3D printing, the spool of plastic or other 
material used to create the three- 
dimensional object. 


file attribute 

A characteristic that can be associated with 
a file or folder that provides the operating 
system with important information about 
the file or folder and how it is intended to 
be used by system users. 


File Explorer 

A Microsoft Windows tool that offers a 
single view of all the resources and 
information that you can access from a 
computer. 


file extension 

A series of characters at the end of a file 
name; used by an OS to identify the 
software application that is associated 
with a file. 


file system hierarchy 

In Linux, the directory structure starting 
with the root directory (/) with directories 
and subdirectories below it to store files. 


Finder 
The file management GUI in macOS. 


fingerprint sensor 

A device, usually integrated into a mobile 
device, that reads the user's fingerprint to 
determine whether to grant access to the 
device. 


firewall 

Hardware or software that filters traffic 
passing into or out of a network. A basic 
packet-filtering firewall works at Layer 3 
(Network). Packets can be filtered 
depending on several criteria (inbound or 
outbound, IP address, and port number). 
More advanced firewalls (proxy and 
stateful inspection) can examine higher 
layer information, to provide enhanced 
security. 


firewall apps 

Mobile device firewall app that can 
monitor app activity and prevent 
connections to particular ports or IP 
addresses. 


firmware 

This refers to software instructions stored 
semi-permanently (embedded) on a 
hardware device. Modern types of 
firmware are stored in flash memory and 
can be updated more easily than legacy 
programmable Read Only Memory (ROM) 
types. 


flash memory 

Flash RAM is similar to a ROM chip in that 
it retains information even when power is 
removed, but it adds flexibility in that it 
can be reprogrammed with new contents 
quickly. Flash memory is used in USB 
thumb drives and memory cards for 
removable storage and in Solid State 
Drives (SSDs), designed to replicate the 
function of hard drives. 


flatbed scanner 

A type of scanner where the object is 
placed on a glass faceplate and the scan 
head moved underneath it. 


floating point numbers 
Data type supporting storage of floating 
point numbers (decimal fractions). 


folder redirection 

A Microsoft Windows technology that 
allows an administrative user to redirect 
the path of a local folder (such as the 
user's home folder) to a folder on a 
network share, making the data available 
to the user when they log into any 
computer on the network where the 
network share is located. 


fonts 

The display and word processing 
programs can make use of any typeface 
designs (fonts) installed on the local 
system. Most Windows fonts are 
OpenType (replacing the earlier TrueType) 
but some design programs and printers 
also use Adobe Type 1 fonts. 


footprinting 

An information gathering threat, in which 
the attacker attempts to learn about the 
configuration of the network and security 
systems through social engineering attacks 
or software-based tools. 


force stop 
An Android option to close an 
unresponsive app. 


forensics 

The process of gathering and submitting 
computer evidence to trial. Digital 
evidence is latent, meaning that it must be 
interpreted. This means that great care 
must be taken to prove that the evidence 
has not been tampered with or falsified. 
The key points in collecting evidence are to 
record every step and action, to gather 
appropriate evidence, and to bag 
evidence. To preserve evidence correctly, it 
should be stored securely. Any 
investigation should be done on a copy of 
the digital files, not the originals. Each 
piece of evidence must be accompanied by 
a chain of custody form, detailing when, 
where, and how it was collected, where it 
has been stored, and who has handled it 
subsequently to collection. 


formatter board 

In a laser printer, the unit that exposes 
and processes all of the data received 
from the computer and coordinates the 
steps needed to produce the finished 
page. 


FPU 

(Floating Point Unit) A math co-processor 
built into the CPU that performs 
calculations on floating point numbers. 


FQDN 

(Fully Qualified Domain Name) The full 
name of any host which reflects the 
hierarchy from most specific (the host) to 
the least specific (the top level domain 
followed by the root). 


fragmentation 

Occurs when a data file is not saved to 
contiguous sectors on a disk. This 
decreases performance by making the disk 
read/write heads move between 
fragments. 


frame rate 

The number of times the image in a video 
stream changes per second. This can be 
expressed in Hertz or Frames per Second 
(fps). 


freeware 
Software that is available for download 
and use free of charge. 


frequency response 
The volume that can be produced at 
different frequencies. 


friction feed 

An impact printer mechanism that uses 
two rolls placed one on top of the other to 
force individual cut sheets of paper or 
envelopes through the paper path. 


front panel 

The portion of the system case that 
provides access to removable media 
drives, power switch, and LEDs to indicate 
driver operation. 


FRU 

(field replaceable unit) An adapter or other 
component that can be replaced by a 
technician on-site. Most PC and laptop 
components are FRUs, while the 
components of smartphones are not. 


FTP 

(File Transfer Protocol) A protocol used to 
transfer files across the Internet. Variants 
include S(ecure)FTP, FTP with SSL (FTPS 
and FTPES), and T(rivial)FTP. FTP utilizes 
ports 20 and 21. 


FTTC 

(Fiber to the Curb/Cabinet) A fiber optic 
solution which places the connection on a 
pole or cabinet at the curb, then coax or 
twisted pair cables carry the signal from 
this point to the home or business. 


FTTH 

(Fiber to the Home) A fiber optic solution 
which places the connection inside the 
home or residence. 


FTTN 

(Fiber to the Node) A fiber optic solution 
which places the connection within one 
mile of customers with the final 
connections made using existing phone or 
cable lines. 


FTTP 

(Fiber to the Premises) A fiber optic 
solution which places the connection 
inside the premises. 


fuse 

A circuit breaker designed to protect the 
device and users of the device from faulty 
wiring or supply of power (overcurrent 
protection). 


fuser assembly 

The part of a laser printer that fixes toner 
to media. This is typically a combination of 
a heat and pressure roller, though non- 
contact flash fusing using xenon lamps is 
found on some high-end printers. 


game pad 

A controller containing multiple buttons 
and toggles, each of which controls a 
different action in a video game or 
program, typically held and manipulated 
with two hands. 


gaming rig 

A computer used for standalone or online 
gaming, often connected to surround 
sound speakers or headphones, 
sometimes integrated with virtual reality 
goggles. May use specialized gaming 
equipment such as gaming controllers, 
joysticks, gaming mouse, and keyboard. 


GDI 

(Graphics Device Interface) The Windows 
XP component responsible for drawing 
graphics objects. Cheaper printers use GDI 
as the print processor. Windows Vista and 
later have a redesigned display/print 
architecture called Windows Presentation 
Foundation, but retain compatibility with 
GDI applications. 


generator 
See backup power generator. 


geolocation 

The process of identifying the real-world 
geographic location of an object, often by 
associating a location such as a street 
address with an IP address, hardware 
address, Wi-Fi positioning system, GPS 
coordinates, or some other form of 
information. 


geotagging 

The process of adding geographic location 
metadata to captured media such as 
pictures or videos. 


geotracking 

Determining the location of a person or 
object using the GPS data from a GPS- 
enabled device. 


gestures 

Finger movements on a trackpad or 
mouse that enable a user to scroll, zoom, 
and navigate desktop, document, and 
application content. 


global address 

In an IPv6 address, an address that is 
unique on the Internet (equivalent to 
public addresses in IPv4). 


gloss coating 

A display coating that helps the display 
appear richer, but reflects more light, 
which can cause problems with screen 
glare and reflections of background 
objects. Compare with matte coating. 


gloves 

Latex hand coverings to protect the 
technician when they are working around 
a toner spill. 


Gnome 
A popular Linux GUI desktop. 


GNU 
A recursive acronym standing for "GNU is 
Not UNIX." 


Google account 
An account from Google used to access an 
Android device and related online services. 


Gov Cloud 

A Google cloud service that can be used by 
branches of the U.S. government, but is 
not available to other consumers or 
businesses. 


GP registers 

(General Purpose registers) Registers that 
store data from the CPU's basic instruction 
set. 32-bit processors have 32-bit GP 
registers for the x86/IA-32 instruction set; 
64-bit processors are so-called because 
they have 64-bit GP registers. CPUs also 
support larger registers to optimize 
graphics processing. 


GPO 

(Group Policy Object) On a Windows 
domain, per-user and per-computer 
settings can be deployed through Group 
Policy Objects attached to Active Directory 
containers, such as domains and 
Organization Units. Group policy can be 
used to configure security settings such as 
password policy, account restrictions, 
firewall status, and so on. 


gpresult 
A command line tool that displays the 
RSoP for a computer and user account. 


GPS 

(Global Positioning System) Means of 
determining a receiver's position on the 
Earth based on information received from 
GPS satellites. The receiver must have line- 
of-sight to the GPS satellites. 


GPT 

(GUID Partition Table) A modern disk 
partitioning system allowing large 
numbers of partitions and very large 
partition sizes. 


GPU 

(Graphics Processing Unit) A type of 
microprocessor used on dedicated video 
adapter cards or within a CPU with 
integrated graphics capability. 


gpupdate 

A command line tool to apply a new or 
changed policy immediately. When used 
with the /force option, it causes all policies 
(new and old) to be reapplied. 


graphics adapter 
See video card. 


grounded 

An equipment ground provides a safe path 
for electrical current to flow away in the 
event that a device or cable is faulty. Self- 
grounding removes any static potential 
difference between a technician's clothes 
and body and a device they are handling, 
reducing the risk of damaging the 
component through Electrostatic 
Discharge (ESD). 


GSM 

(Global System for Mobile Communication) 
Standard for cellular radio 
communications and data transfer. GSM 
phones use a SIM card to identify the 
subscriber and network provider. 4G and 
later data standards are developed for 
GSM. 


Guest account 

A Microsoft Windows user account that has 
limited capabilities and no privacy, and is 
disabled by default. 


GUI 

(Graphical User Interface) An easy to use, 
intuitive interface for a computer 
operating system. Most GUIs require a 
pointing device, such as a mouse, to 
operate efficiently. One of the world's first 
GUI-based operating systems was the 
Apple Mac OS, released in 1984. 
Thereafter, Microsoft produced their 
Windows family of products based around 
their GUI. In fact, recognizing that GUI 
covers a whole range of designs, the 
Windows interface is better described as a 
WIMP (Windows, Icons, Menus, Pointing 
[device]) interface. 


guideline 

Used for areas of policy where there are 
no procedures either because the 
situation has not been fully assessed or 
because the decision making process is 
too complex and subject to variables to 
capture it in a procedure. 


gyroscope 
Mobile device technology that can 
determine the rotation of a device with a 
sensor that measures the rotation of the 
device. (See also accelerometer/ 
gyroscope). 


hacker collective 
A group of hackers, working together, to 
target an organization as part of a cyber 
warfare campaign. 


haptic feedback 

Tactile response on a touchscreen device, 
typically a slight vibration of the surface, 
although the entire device can vibrate in 
certain responses. 


hard copy 
Printer output of electronic documents 
onto paper. 


hardening 

A security technique in which the default 
configuration of a system is altered to 
protect the system against attacks. 


hardware RAID solution 

A method of creating volumes from an 
array of physical disks by using a plug-in 
controller card or the motherboard, 
independently of the installed OS. 


hash 

The value that results from hashing 
encryption as a short representation of 
data. Also called a hash value or message 
digest. 


hash function 

A variable length string (text) is taken as 
input to produce a fixed length value as 
output. 


HAV 

(Hardware Assisted Virtualization) 
Instruction set extensions (Intel VT-x and 
AMD-V) that facilitate the operation of 
virtual machines. 


HBA 

(host bus adapter) A component allowing 
storage devices to exchange data with a 
computer system using a particular 
interface (PATA, SATA, SCSI, and so on). 
Motherboards will come with built-in host 
adapters and more can be added as 
expansion cards if necessary. 


HCL 

(Hardware Compatibility List) Before 
installing an OS, it is vital to check that all 
the PC components have been tested for 
compatibility with the OS (that they are on 
the Hardware Compatibility List [HCL] or 
Windows Logo'd Product List). 
Incompatible hardware may not work or 
may even prevent the installation from 
completing successfully. 


HDD 

(Hard Disk Drive) A device providing 
persistent mass storage for a PC (saving 
data when the computer is turned off). 
Data is stored using platters with a 
magnetic coating that are spun under disk 
heads that can read and write to locations 
on each platter (sectors). A HDD installed 
within a PC is referred to as the fixed disk. 
HDDs are often used with enclosures as 
portable storage or as Network Attached 
Storage (NAS). 


HDMI 

(High Definition Multimedia Interface) 
High-specification digital connector for 
audio-video equipment. 


head unit 
In a car, the unified hardware interface for 
the audio system and related components. 


headset 
A device that combines headphones and 
microphone in a single device. 


health policy 

Policies or profiles describing a minimum 
security configuration that devices must 
meet to be granted network access. 


heat pipe 

A sealed tube containing water or ethanol 
coolant. The liquid close to the heat source 
evaporates then condenses at a cooler 
point in the pipe and flows back towards 
the heat source. 


heat sink 

A passive heat exchanger that dissipates 
heat from a source such as a CPU and 
transfers it, normally via an enlarged 
surface area, to another medium such as 
air or water. 


heat spreader 
Similar to a heat pipe except it is a flat 
container rather than a pipe. 


heating element 

In a thermal printer, the component within 
the printer that is heated to react to 
chemicals in thermal paper to change 
color, creating images on the thermal 
paper. 


heuristic 

Monitoring technique that allows dynamic 
pattern matching based on past 
experience rather than relying on pre- 
loaded signatures. 


HFC Cable 

(Hybrid Fiber Coax cable) A cable Internet 
connection is usually available along with a 
cable telephone/television service (Cable 
Access TV [CATV]). These networks are 
often described as Hybrid Fiber Coax (HFC) 
as they combine a fiber optic core network 
with coax links to consumer premises 
equipment, but are more simply just 
described as "cable." Consumers interface 
with the service via a cable "modem" 
(actually functioning more like a bridge). 


HFS+ 

(Extended Hierarchical File System) The file 
system used by Apple Mac workstations 
and laptops. 


HIDs 

(Human Interface Devices) Peripherals that 
enable the user to enter data and select 
commands. 


high resource utilization 

When apps, especially malware or rogue 
apps, use excessive processor cycles (often 
trying to collect data in the background) 
and overwhelm a mobile device. 


hives 

The Windows Registry is made up of hives. 
Each hive contains a discrete body of 
configuration data corresponding to an 
aspect of the system; for example, the 
SOFTWARE hive contains all the software 
configuration information. The files 
comprising the hives are stored in the 
%SystemRoot%\System32\Config folder. 


home directory 

A directory where you are placed when 
you log in to a Linux system. It is typically 
represented by the ~ symbol. 


home folder 

A private network storage area located in a 
shared network server folder in which 
users can store personal files. 


home server PC 

Either a home theater PC (HTPC) with a 
slightly expanded role or a repurposed 
desktop or low-end PC server used 
primarily for file storage, media streaming, 
and printer sharing. 


homegroup 

Windows networking feature designed to 
allow Windows 7 and later home networks 
to share files and printers easily through a 
simple password protection mechanism. 
Earlier versions of Windows are not 
supported. Support for homegroups was 
discontinued in later versions of Windows 
10. 


host controller 

A hardware component of the USB 
subsystem responsible for recognizing 
when a USB device is attached or removed 
from the system, monitoring the device 
status, providing power to the USB devices, 
and controlling the flow of data between the 
USB host and USB devices. 


host firewall 
See personal firewall. 


host ID 

In an IP address, the portion of the 
address that uniquely identifies a host on 
a particular IP network. 


host name 
The descriptive name assigned to a 
computer. 


host-hinted mode 

A SATA standard (version 3.2) that defines 
a set of commands to allow the host 
computer to specify how the cache should 
be used. 


hot swappable 

A device that can be added or removed 
without having to restart the operating 
system. 


hotfix 

A hotfix is a software update designed and 
released to particular customers only, 
though it may be included in later 
Service Packs. 


hotspot 
A location served by some sort of device 
offering Internet access via Wi-Fi. 


HT 

(HyperThreading) Intel CPU architecture 
implemented on many Pentium 4 models. 
HT exposes two or more logical processors 
to the OS, delivering performance benefits 
similar to SMP. 


HTPC 

(Home Theater PC) A PC used in place of 
consumer appliances such as Personal 
Video Recorders (PVRs) to watch and 
record TV broadcasts and play movies and 
music. 


HTT 
(HyperThreading technology) Intel's term 
for HyperThreading. 


HTTP 

(HyperText Transfer Protocol) The protocol 
used to provide web content to browsers. 
HTTP uses port 80. HTTPS(ecure) provides 
for encrypted transfers, using SSL/TLS and 
port 443. 


HTTPS 

(HTTP Secure) A protocol that provides for 
encrypted transfers, using SSL/TLS and 
port 443. 


hub 

An OSI layer 1 (Physical) network device 
used to implement a star network 
topology on legacy Ethernet networks. 
Hubs may also be known as "multiport 
repeaters" or concentrators. They are the 
central points of connection for segments 
and act like repeaters so that every 
segment receives signals sent from any 
other segment. 


HVAC 

(Heating, Ventilation, and Air Conditioning) 
The building environmental heating and 
cooling services and the control of those 
systems. 


hybrid drive 

A drive in which a portion is SSD, which 
functions as a large cache, containing 
frequently accessed data and a magnetic 
disk portion which is only spun up when 
non-cached data is accessed. 


I/O addresses 

(Input/Output addresses) Input/output 
peripherals have a special area of memory 
in the range 0000-FFFF set aside to allow 
data reading and writing functions. This is 
normally configured by Plug-and-Play but 
can be set manually using Device 
Manager. 


I/O port 
A device connection through which data 
can be sent and received. 


IA-32 
See x86-32. 


IA-64 

The 64-bit instruction set developed by 
Intel for its Itanium server CPU platform 
that never gained acceptance in the PC 
market. 


IaaS 

(Infrastructure as a Service) A cloud 
computing service that enables a 
consumer to outsource computing 
equipment purchases and running their 
own data center. 


IC 
(integrated circuit) A silicon chip 
embedded on a ceramic plate. 


iCloud 

Cloud storage service operated by Apple 
and closely integrated with macOS and 
iOS. 


iCloud Keychain 

A Keychain feature that makes the same 
passwords securely available across all 
macOS and iOS devices. 


ICM 

(information content management) The 
process of managing information over its 
lifecycle, from creation to destruction. 


ICMP 

(Internet Control Message Protocol) IP- 
level protocol for reporting errors and 
status information supporting the function 
of troubleshooting utilities such as ping. 


IDE 

(Integrated Development Environment) A 
programming environment that typically 
includes a code editor containing an 
autocomplete feature to help you write 
code, a debugger to help you find coding 
errors, and an interpreter that translates 
the script file code into machine readable 
code the computer can execute. 


identifier 

A computer programming component 
used to access program elements such as 
a stored value, class, method, or interface. 


IDF 
(Intermediate Distribution Frame) A cable 
rack that interconnects the 
telecommunications wiring between an 
MDF and any end-user devices. 


IDS 

(Intrusion Detection System) Software or 
security appliance designed to monitor 
network traffic (NIDS) or configuration files 
and logs on a host (HIDS) to record and 
detect unusual activity. Many systems can 
automatically take preventive action 
(Intrusion Prevention System [IPS]). 
Detection is either signature-based or 
anomaly-based (or both). IDS software 
typically requires a lengthy period of 
configuration and "training" to recognize 
baseline "normal" activity. 


IEEE 802.11 
A series of Wi-Fi standards used to 
implement Wireless Local Area Networks. 


illuminance 
The light projecting power. Compare with 
luminance. 


image 

A duplicate of an operating system 
installation (including installed software, 
settings, and user data) stored on 
removable media. Windows makes use of 
image-based backups and they are also 
used for deploying Windows to multiple 
PCs rapidly. 


image level backup 

Backup of a virtual machine which 
captures all of the information required to 
run the VM. 


imaging drum 
See EP drum. 


IMAP 

(Internet Message Access Protocol) A 
TCP/IP application protocol providing a 
means for a client to access email 
messages stored in a mailbox on a remote 
server. Unlike POP3, messages persist on 
the server after the client has downloaded 
them. IMAP also supports mailbox 
management functions, such as creating 
subfolders and access to the same 
mailbox by more than one client at the 
same time. IMAP4 utilizes TCP port 
number 143. 


IMEI number 

(International Mobile Equipment Identity 
number) A number that uniquely identifies 
a mobile device on a GSM network. 


impact printer 

Typically, a dot matrix printer, this uses 
pressure to transfer ink from a ribbon 
onto paper in a particular pattern, similar 
to the mechanism of a typewriter. 


impersonation 

An approach in which an attacker pretends 
to be someone they are not, typically an 
average user in distress, or a help-desk 
representative. 


implicit deny 

Implicit deny is a basic principle of security 
stating that unless something has explicitly 
been granted access it should be denied 
access. An example of this is firewall rule 
processing, where the last (default) rule is 
to deny all connections not allowed by a 
previous rule. 


IMSI number 

(International Mobile Subscriber Identity 
number) A number that uniquely identifies 
a mobile subscriber. 


in-place upgrade 

Installing the OS on top of an existing 
version of the OS, retaining applications, 
user settings, and data files. 


incident 

Something that is not normal and disrupts 
regular operations in the computing 
environment. 


incident management 

A set of practices and procedures that 
govern how an organization will respond 
to an incident in progress. 


Incident Response Policy 

Procedures and guidelines covering 
appropriate priorities, actions, and 
responsibilities in the event of security 
incidents. The stages will generally be 
notification, investigation, remediation, 
and follow-up. Incident response is often 
handled by a special group—the Computer 
Security Incident Response Team—made 
up of staff with both technical skills and 
decision-making authority. 


incineration 
Exposing the disk to high heat to melt its 
components. 


infrastructure mode 

Wi-Fi network configuration in which each 
client device or station is configured to 
connect to the network via an access 
point. 


ink cartridge 

In an inkjet printer, a cartridge containing 
an ink reservoir and sensors to detect the 
amount of remaining ink, typically with 
separate cartridges for cyan, magenta, 
yellow, and black ink. Most ink cartridges 
also contain the print head for the printer. 


ink dispersion printer 

Better known as inkjets, this is a type of 
printer where colored ink is sprayed onto 
the paper using microscopic nozzles in the 
print head. There are two main types of 
ink dispersion system: thermal shock 
(heating the ink to form a bubble that 
bursts through the nozzles) and 
piezoelectric (using a tiny element that 
changes shape to act as a pump). 


ink jet printer 
See ink dispersion printer. 


input voltage 

A PSU setting to set North American power 
supplies to 115 V and UK power supplies 
to 240 V. 


insert mode 
In Linux vi editor, the mode that allows 
users to insert text by typing. 


installation boot method 
The way in which the installation program 
and settings are loaded onto the PC. 


instruction set 
The machine language code and 
commands the CPU can process. 


insulator 
A material that does not conduct 
electricity, such as rubber or plastic. 


integer 
Data type supporting storage of whole 
numbers. 


integrated GPU 

(integrated graphics processing unit) A 
graphics adapter built into the 
motherboard or the CPU. 


integrity 

The fundamental security goal of ensuring 
that electronic data is not altered or 
tampered with. 


interface 
The point at which two devices connect 
and communicate with each other. 


internal transfer rate 

A measure of how fast read/write 
operations are performed on the disk 
platters. Also known as data or disk 
transfer rate. 


Internet backbone 
The major infrastructure of the Internet. 


interpreted 

A command language in which the 
commands in a script file are performed 
without being compiled into a machine- 
level set of instructions. In interpreted 
languages, the code must be read and 
evaluated each time the script is run, 
making it slower than compiled 
instructions. 


intranet 

A network designed for information 
processing within a company or 
organization. An intranet uses the same 
technologies as the Internet but is owned 
and managed by a company or 
organization. 


inventory management 

An inventory is a list of things, usually 
stored in a database. Inventories are 
usually compiled for assets. 


iOS 
Mobile OS developed by Apple for its 
iPhone and iPad devices. 


IoT 

(Internet of Things) The global network of 
personal devices (such as phones, tablets, 
and fitness trackers), home appliances, 
home control systems, vehicles, and other 
items that have been equipped with 
sensors, software, and network 
connectivity. 


IP 

(Internet Protocol) The network (Internet) 
layer protocol in the TCP/IP suite providing 
packet addressing and routing for all 
higher level protocols in the suite. 


IP scale 

(ingress protection) An international 
standard to determine how well electrical 
enclosures are sealed against dust, water, 
moisture, and other intrusive materials 
from entering the enclosure. The ratings 
scale is defined in the British 
EN60529:1992 and European IEC 
60509:1989 standards. 


IPS 

(in-plane switching) An LCD panel 
technology designed to resolve the quality 
issues inherent in TN panel technology, 
including strong viewing angle 
dependence and low-quality color 
reproduction. 


IPS 

(Intrusion Protection System) Systems that 
can automatically take preventive action 
using signature-based or anomaly-based 
detection. Also known as network IDS 
(NIDS). 


IPS 

(Indoor Positioning Systems) A system that 
works out a device's location by 
triangulating its proximity to other radio 
sources, such as Wi-Fi access points or 
Bluetooth beacons. 


IPSec 

(Internet Protocol Security) Layer 3 
protocol suite providing security for 
TCP/IP. It can be used in two modes 
(transport, where only the data payload is 
encrypted, and tunnel, where the entire IP 
packet is encrypted and a new IP header 
added). IPsec can provide confidentiality 
and/or integrity. Encryption can be applied 
using a number of hash (MD5 or SHA) and 
symmetric (DES or AES) algorithms. Key 
exchange and security associations are 
handled by the Internet Key Exchange 
Protocol. Hosts can be authenticated by a 
shared secret, PKI, or Kerberos.


IR

(Infrared) Infrared Data Association (IrDA) 
was a wireless networking standard 
supporting speeds up to about 4 Mbps. 
Infrared (IR) sensors are used in mobile 
devices and with IR blasters to control 
appliances. 


IRQ 

(Interrupt Request) A communications 
channel between a hardware device and 
the system processor. Originally, when 
hardware was added to the computer it 
had to be manually configured with a 
unique interrupt number (between 0 and 
15). Plug-and-Play compatible systems 
configure resources automatically. The PCI 
bus introduced IRQ steering, which 
allowed IRQs to be shared. Modern 
computers use programmable interrupt 
controllers, allowing for hundreds of 
interrupts. 


ISDN 

(Integrated Services Digital Network) A 
digital phone/fax/data service used to 
provide Internet connectivity. There are 
two classes of ISDN: Basic Rate Interface 
(BRI) provides two 64 Kbps (B channels) for 
data and one 16 Kbps (D channel) for link 
management control signals; Primary Rate 
Interface (PRI) provides either T1 or E1 
capacity levels (23B or 30B) channels, 
depending on location in the world, and 
one 64 Kbps D channel. 


ISO file 

A file that contains all of the contents from 
an optical disc in a single file which can be 
mounted to the file system as though it 
were a physical optical drive. 


ISP 

(Internet Service Provider) An organization 
that provides a connection to the Internet 
and other web- and email-related services. 
A connection to the ISP's Internet routing 
equipment can be made using a variety of 
methods. 


ITIL 

(IT Infrastructure Library) An IT best 
practice framework, emphasizing the 
alignment of IT Service Management 
(ITSM) with business needs. ITIL was first 
developed in 1989 by the UK government
and the ITIL v3 2011 edition is now
marketed by AXELOS.


IXPs 

(Internet eXchange Points) High bandwidth 
trunks that connect to the Internet 
backbone. 


jailbreaking 

Removing manufacturer restrictions on a 
device to allow other software, operating 
systems, or networks to work with a 
device. Typically refers to iPhone devices. 


jamming 

In wireless networking, the phenomenon 
by which radio waves from other devices 
interfere with the 802.11 wireless signals 
used by computing devices and other 
network devices. 


jitter 

A variation in the time it takes for a signal 
to reach the recipient. Jitter manifests itself 
as an inconsistent rate of packet delivery. 
If packet loss or delay is excessive, then 
noticeable audio or video problems 
(artifacts) are experienced by users. 


joystick 

A pivoting stick or lever attached to a base 
that is used to control movement on a 
device. 


jumper 

A small plastic clip containing a metal
conductor that fits over two contacts to 
complete a circuit that configures the 
motherboard or adapter card one way or 
another. 


KB 

(Knowledge Base) A searchable database 
of product FAQs (Frequently Asked 
Questions), advice, and known 
troubleshooting issues. The Microsoft KB is 
found at support.microsoft.com. 


kernel 

A low-level piece of code responsible for 
controlling the rest of the operating 
system. 


key exchange 

Two hosts need to know the same 
symmetric encryption key without any 
other host finding out what it is.


key fob

A chip implanted in a plastic fob. The chip 
can store authentication data (such as a 
digital certificate) that can be read when 
put in proximity to a suitable scanner. 
Another use for fobs is to generate a One 
Time Password, valid for a couple of 
minutes only and mathematically linked to 
a code generated on a server. 


keyboard 

The oldest PC input device and still 
fundamental to operating a computer. 
There are many different designs and 
layouts for different countries. Some 
keyboards feature special keys. 


Keychain 

macOS app for managing passwords 
cached by the OS and supported 
browser/web applications. 


keyed port 

A port with physical attributes that prevent 
a connector from being inserted into the 
port the wrong way around. 


kill switch 
Another term for remote wipe. 


KVM switch 

(Keyboard Video Mouse switch) A switch 
supporting a single set of input and output 
devices controlling a number of PCs. KVM
switches are more typically used with servers, but
2-port versions allow a single keyboard,
mouse, and display to be used with two 
PCs. 


LAN 

(Local Area Network) A network in which 
all the nodes or hosts participating in the 
network are directly connected with cables 
or short-range wireless media. 


lands 
In optical storage media, raised areas on 
the disk. 


lanes 

In PCIe, two wire pairs (four wires in total)
using low voltage differential signaling, 
with one pair used to transmit and the 
other pair to receive (bi-directional). 


laptop 

A portable computer offering similar 
functionality to a desktop computer. 
Laptops come with built-in LCD screens 
and input devices (keyboard and 
touchpad), and can be powered from 
building power (via an AC adapter) or by a 
battery. 


laser printer 

A type of printer that develops an image
on a drum using electrical charges to
attract special toner then applying it to 
paper. The toner is then fixed to the paper 
using a high-heat and pressure roller 
(fuser). The process can be used with black 
toner only or four color toner cartridges 
(Cyan, Magenta, Yellow, and Black) to 
create full-color prints. Monochrome laser 
printers are the "workhorses" of office 
printing solutions. 


latency 

The time it takes for a signal to reach the 
recipient. A video application can support 
a latency of about 80 ms, while typical 
latency on the Internet can reach 1000 ms 
at peak times. Latency is a particular 
problem for 2-way applications, such as 
VoIP (telephone) and online conferencing. 


latent 

Evidence that cannot be seen with the 
naked eye and instead must be 
interpreted using a machine or process. 


LC 

(Lucent Connector) Small Form Factor 
version of the SC push-pull fiber optic 
connector; available in simplex and duplex 
versions. 


LCD panel 

(Liquid Crystal Display panel) A display 
technology where the image is made up of 
liquid crystal cells controlled using 
electrical charges. LCD panels are used on 
laptops and have replaced CRT monitors 
as the main type of computer display 
screen. 


LDAP 

(Lightweight Directory Access Protocol) 
Standard for accessing and updating 
information in an X.500-style network 
resource directory. LDAP uses port 389. 
Unless secure communications are used, 
LDAP is vulnerable to packet sniffing and
Man-in-the-Middle attacks. It is also usually 
necessary to configure user permissions 
on the directory. LDAP version 3 supports 
simple authentication or Simple 
Authentication and Security Layer, which 
integrates it with Kerberos or TLS. 


least privilege 

Least privilege is a basic principle of 
security stating that something should be 
allocated the minimum necessary rights, 
privileges, or information to perform its 
role. 


LED 

(Light Emitting Diode) Small, low-power 
lamps used as diagnostic indicators,
LCD backlights, and (as Organic LEDs) in 
high-quality flat panels. 


LED printer 
(light emitting diode printer) A type of 
printer that uses LEDs to print. 


legacy system 

A computer system that is no longer 
supported by its vendor and so no longer 
provided with security updates and 
patches. 


LGA 

(Land Grid Array) A CPU form factor used 
by Intel where the pins that connect the 
CPU and socket are located on the socket. 


life expectancy 
The length of time for which a device can 
be expected to remain reliable. 


light sensors 

Sensors in a mobile device used to dim 
and brighten the display based on ambient 
conditions. 


Lightning ports 
Proprietary connector and interface for 
Apple devices. 


line conditioner 

A device that adjusts voltages in
under-voltage and over-voltage conditions to
maintain a 120 V output. 


link 
Point-to-point connections in PCIe.


link-local address 

Addresses used by IPv6 for network 
housekeeping traffic. Link-local addresses 
span a single subnet (they are not 
forwarded by routers). 


Linux 

An open-source operating system 
supported by a wide range of hardware 
and software vendors. 


Linux processes 
An instance of a running program that 
performs a data processing task. 


literal 
A match to the exact string. 


load roller 

In an inkjet printer, a roller that turns 
against the paper stack to move the top 
sheet, while a separation roller prevents 
more than one sheet from entering the 
printer. 


local account 
An account that is only associated with the 
computer on which it was created. 


local bus 

The internal bus that links components 
directly to the processor, resulting in the 
highest possible data speed as required by 
components such as the video display. 


Local Security Accounts database 

A local (non-network) database where local 
system account information is stored. In 
Windows systems, this is the SAM 
database, and in Linux systems the 
information is stored in the /etc/passwd
or /etc/shadow file.


Local Security Policy 

A set of policies relating to log on, 
passwords, and other security issues that 
can be enforced or disabled on the local 
machine. On domains, security policy is 
configured centrally using Group Policy 
Objects (GPO). 


locally installed printer 
A printer that Windows communicates 
with directly over the relevant port.


locator applications

An app installed on mobile devices that 
identifies the device location to help locate 
a lost or stolen device. 


locked out 

When a user is unable to access a device 
because the device has been disabled 
either by means of the user forgetting the 
passcode too many times or remotely 
using an app that locks the device if it is 
reported lost or stolen. 


lockout policy 
A policy designed to restrict failed login 
attempts. 


logical operator 

A comparison of more than one condition 
at the same time by using AND, OR, or 
XOR. 


logical security 
Controls implemented in software to 
create an access control system. 


logon script 

A text file that runs when the user logs on. 
The file contains commands and settings 
to configure a user's environment. 


LoJack tracking software
"Rootkit"-style software that enables a
stolen laptop to be traced or remotely
locked down or wiped in the event of theft.


loop 

Like a branch, a loop deviates from the 
initial program path to some sort of logic 
condition. In a loop, the computer repeats 
the task until a condition is met. Often 
implemented with For or While 
statements. 


loopback plug 

A special connector used for diagnosing 
network transmission problems that 
redirects electrical signals back to the 
transmitting system. 


LoS 

(Line of Sight) A wireless connection 
method using ground-based microwave 
antennas aligned with one another. 


low level format 

A "proper" low level format creates 
cylinders and sectors on the disk. This can 
generally only be done at the factory. The 
disk utilities just clean data from each 
sector; they don't re-create the sector 
layout. 


LTE 

(Long Term Evolution) A packet data 
communications specification providing an 
upgrade path for both GSM and 
CDMA2000 cellular networks. LTE 
Advanced is designed to provide 4G 
standard network access. 


LTE-A 
(LTE Advanced) LTE Advanced is designed
to provide 4G standard network access.


luminance 

The perceived brightness of a display 
screen, measured in candelas per square 
meter (cd/m²).


MAC address 

A unique physical hardware address for 
each Ethernet network adapter that is 
composed of 12 hexadecimal digits. 


MAC address table 

The table on a switch keeping track of MAC 
addresses associated with each port. As 
the switch uses a type of memory called 
Content Addressable Memory (CAM), this 
is sometimes called the CAM table. 


MAC filtering 

(media access control filtering) Applying an 
access control list to a switch or access 
point so that only clients with approved 
MAC addresses can connect to it. 


MAC flooding 

Overloading the switch's MAC cache using 
a tool such as Dsniff or Ettercap to prevent 
genuine devices from connecting and 
potentially forcing the switch into hub or 
flooding mode. 


Mac OS 
The name of the Apple operating system 
from launch to 2001. 


Machine to Machine (M2M) 
Internet of Things feature that allows 
objects to communicate and pass data 
between themselves and other traditional
systems like computer servers. 


macOS

Operating system designed by Apple for 
their range of iMac computers, Mac 
workstations, and MacBook portables. 
macOS (previously called OS X) is based on 
the BSD version of UNIX. macOS is well 
supported by application vendors, 
especially in the design industry. 


MACs 

(Moves, adds, changes) A record of any 
requested moves, adds, or changes to 
computers, devices, users, or related 
policies. 


Magic Mouse 
An Apple mouse with a touchpad surface 
that supports gestures. 


Magic Trackpad 
An Apple trackpad with a larger work 
surface than the Magic Mouse. 


main board 
See motherboard. 


main connector 
The adapter from the power supply that 
supplies power to the motherboard. 


maintenance kit 

A set of replacement feed rollers, new 
transfer roller, and a new fuser unit for a 
laser printer. 


male port 
A port that has pin connectors. 


managed switch

Works as an unmanaged switch
out-of-the-box but an administrator can connect
to it over a management port, configure 
security settings, and then choose options 
for the switch's more advanced 
functionality. 


mantrap 
A secure entry system with two gateways, 
only one of which is open at any one time. 


MAPI 

(Message Application Programming 
Interface) A Windows messaging interface 
used primarily by the email client software
Outlook to communicate with an Exchange
mail server.


mask 

A face covering, usually made of cloth,
plastic, or rubber, that fits over your
mouth and nose. It should be worn when you
are using a compressed air canister,
working around toner spills, or working in
an otherwise dusty environment. A mask
minimizes the risk of inhaling damaging
airborne particles.


mass storage device 

Non-volatile storage devices that are able 
to hold data when the system is powered 
off. 


matte coating 
A display coating that is best suited to 
office work. Compare with gloss coating. 


MBR 

(Master Boot Record) A sector on a hard 
disk storing information about partitions 
configured on the disk. 


MD5 

(Message Digest Algorithm v5) The 
Message Digest Algorithm was designed in 
1990 by Ronald Rivest, one of the "fathers" 
of modern cryptography. The most widely 
used version is MD5, released in 1991, 
which uses a 128-bit hash value. 


MDF 

(Main Distribution Frame) A cable rack that 
interconnects external communication 
cables and the cables that comprise the 
internal network. 


MDM 

(Mobile Device Management) Software 
suites designed to manage use of 
smartphones and tablets within an 
enterprise. 


measured service 

A provider's ability to control and bill a 
customer's use of resources such as CPU, 
memory, disk, and network bandwidth 
through metering. 


media center 
A computer used for media streaming, 
often connected to surround sound 
speakers, and capable of recording TV
shows. 


media guides 

In a paper tray, the movable components 
that can be adjusted to hold the paper in 
the proper position for feeding through 
the printer. 


megapixels 
A unit of measure for the number of pixels 
a digital camera is capable of producing. 


MEID 

(Mobile Equipment ID) A number that 
uniquely identifies a mobile device on a 
CDMA network. 


member server 

Any Windows-based server computer 
configured into a domain but not 
maintaining the Active Directory database 
(authenticating users) is referred to as a
member server. Servers in a workgroup 
are referred to as standalone servers. 


memory card 

Flash drives typically used for digital 
cameras and smartphones; typically small 
and flat. 


memory card reader 

A device containing one or more slots to 
accommodate reading (and writing) 
memory cards. 


memory module 
A printed circuit board that holds a group 
of memory chips that act as a single unit. 


message digest 
See MD5. 


metadata 

Data about data; typically, one set of data
summarizes information about the original
set of data.


MFD 

(multifunction device) Any device that 
performs more than one function. This 
typically refers to either SOHO Internet 
routers/access points or print devices that 
can also scan and fax. 


MIB 

(Management Information Base) A
database used by SNMP in which agents
maintain configuration and usage data
and that identifies what information the
managed system offers.


microATX 

Introduced in late 1997, and is often 
referred to as ATX, and has a maximum 
size of 9.6 inches by 9.6 inches. 


microprocessor 
A programmable integrated circuit (IC). 


microsegmentation 

Each switch port is a separate collision 
domain. In effect, the switch establishes a 
point-to-point link called a virtual circuit 
between any two network nodes. 


Microsoft account 

The type of account required to get apps 
from the Microsoft Store, to sync data 
between devices, access OneDrive, and 
work with parental controls for a Child 
account. 


Microsoft Windows 

Windows started as version 3.1 for 16-bit 
computers. A workgroup version provided 
rudimentary network facilities. Windows 
NT 4 workstations and servers (introduced 
in 1993) provided reliable 32-bit operation 
and secure network facilities, based 
around domains. The Windows 9x clients 
(Windows 95, 98, and Me) had far lower 
reliability and only support for 
workgroups, but were still hugely popular 
as home and business machines. Windows 
2000 and Windows XP workstations 
married the hardware flexibility and user 
interface of Windows 9x to the reliability 
and security of Windows NT, while the 
server versions saw the introduction of 
Active Directory for managing network 
objects. The subsequent client releases of 
Windows (Vista and Windows 7) featured a 
substantially different interface (Aero) with 
3D features as well as security 
improvements. The latest client versions— 
Windows 8 and Windows 10—are 
designed for use with touchscreen devices. 


MIDI 
(Musical Instrument Digital Interface) 
Allows a computer with a sound card to 
drive MIDI compatible musical
instruments, such as synthesizers,
samplers, and drum machines (or [vice
versa] for a synthesizer to drive a
computer audio application [such as a
sampler]).


MIME 

(Multi-purpose Internet Mail Extensions) A 
protocol specifying Internet mail message 
formats and attachments. 


MIMO/MU-MIMO 

(Multiple Input Multiple Output/Multiple 
User MIMO) Wireless technology used in 
802.11n/ac and 4G standards. MIMO is the 
use of multiple reception and transmission 
antennas to boost bandwidth. A Multi-user 
MIMO (MU-MIMO)-capable access point 
can use separate streams to connect 
multiple MU-MIMO-capable stations 
simultaneously, providing the stations are 
not on the same directional path. 


mini-ITX 

A small compact board that fits the same
form factor as the ATX and the micro-ATX 
boards. They have a maximum size of 6.7 
inches by 6.6 inches. 


mirroring 

Mirroring is a type of RAID (RAID 1) using 
two hard disks, providing the simplest way 
of protecting a single disk against failure. 
Data is written to both disks and can be 
read from either disk. 


Mission Control 
App facilitating multiple desktops in 
macOS. 


MitM 

(Man-in-the-Middle) Where the attacker 
intercepts communications between two 
hosts. 


MMF 

(Multimode Fiber) A category of fiber optic 
cable. Compared to SMF, MMF is cheaper 
(using LED optics rather than lasers), but 
supports shorter distances (up to about 
500 m). 


mobile device synchronization 

Copying data back and forth between a 
mobile device and another device such as 
another mobile device, tablet, laptop, PC,
or cloud service to keep the information
up-to-date on all of the devices.


mobile hotspot 
See tethering. 


mobile VPN 

A VPN that can maintain the VPN link 
across multiple carrier networks, where 
the IP address assigned to the mobile 
device may change often. 


mobile VR headset 

(mobile Virtual Reality headset) A VR 
device designed to be used with specific 
smartphones. 


mobo 
See motherboard. 


modem 

(modulator/demodulator) A network 
device that is used to interface a computer 
with the telephone network for data and 
fax communications, modulating digital 
data for transmission as an analog signal 
and demodulating incoming analog 
transmissions. Broadband modems are 
used to transmit signals over telephone 
(DSL) or cable TV networks. 


Molex connector 

A power connector that is used to supply 
power to Parallel Advanced Technology 
Attachment (PATA) drives, optical drives, 
and SCSI drives. 


motherboard 

The computer motherboard, also called 
the system board, provides the basic 
foundation for all of the computer's 
hardware, including the processor, RAM, 
firmware, and expansion cards. Several 
motherboard standards are available, 
each with a different layout and associated 
advantages. 


mount point 

A partition or volume mapped to a folder 
in another file system rather than 
allocated a drive letter. 


mouse 
The essential device to implement a WIMP 
GUI, a mouse simply controls the 
movement of a cursor that can be used to 
select objects from the screen. All 
Windows mice feature two click buttons,
which are configured to perform different 
actions. Many mice also feature a scroll 
wheel. 


MSDS 

(Materials Safety Data Sheet) Information 
sheet accompanying hazardous products 
or substances explaining the proper 
procedures for handling and disposal. 


MTBF 

(Mean Time Between Failures) The rating 
on a device or component that predicts 
the expected time between failures. 


multiboot system 

Installing multiple operating systems on a
single computer. Each OS must normally 
be installed to a separate partition. 


multifactor authentication 

Strong authentication is multifactor. 
Authentication schemes work on the basis 
of something you know, something you 
have, or something you are. These 
schemes can be made stronger by 
combining them (for example, protecting 
use of a smart card certification 
[something you have] with a PIN 
[something you know]).


multimedia 

Multimedia refers to PC components that
can play back and record sound and video
(or to sound and video files). There are 
numerous sound and video file formats, 
including legacy Windows-specific formats 
such as WAV (for audio) or AVI (for video 
and audio). The preferred file format for 
Windows Media Player is ASF (Advanced 
Systems Format), which is usually 
compressed (WMA or WMV). Other file 
formats include those used for Apple's 
QuickTime player (MOV and QT), Apple's 
iTunes format (AIFF), and RealNetworks 
player (RA or RAM). The most popular 
standards-based format is MPEG. 


multimeter 

An electrical meter capable of measuring 
voltage, resistance, and current. Voltage 
readings can be used to determine 
whether, for example, a power supply unit 
is functioning correctly. Resistance 
readings can be used to determine
whether a fuse or network cable is
functioning correctly.


multiple desktops 

A feature that enables users to set up one 
or more desktops with different sets of 
apps, backgrounds, and so on. See 
Mission Control. 


multiport repeater 
See hub. 


multitasking 

The ability of an operating system to run 
multiple programs, or tasks, at one time. 
DOS was a single tasking operating 
system. Windows 3.x was a cooperative 
multitasking operating system, while 
Windows 9x and higher provide 
preemptive multitasking. Cooperative 
multitasking relies on the applications to 
share CPU cycles with one another and to 
voluntarily relinquish the processor to 
other tasks, which has reliability 
implications. 


multithreaded 
Software that runs multiple parallel 
threads within a process. 


multitouch 

A touchscreen or touchpad capable of 
interpreting gestures, such as pinching or 
swiping. 


mutual authentication 

Typically a client authenticates to a server. 
In many circumstances, it may be 
necessary for the server to authenticate to 
the client also (to prevent
Man-in-the-Middle attacks, for instance). This is
referred to as mutual authentication. 


mutual authentication for multiple services

(SSO [Single Sign On]) One service accepts 
the credentials from another service. Also 
known as federated identity 
management. 


NAC 

(Network Access Control) A means of 
ensuring endpoint security—ensuring that 
all devices connecting to the network 
conform to a "health" policy (patch level, 
antivirus/firewall configuration, and so on). 
NAC can work on the basis of pre- or
post-admission control. The core components
are an agent running on the client, policy 
enforcers (network connection devices 
such as switches and access points), and 
policy decision points (NAC policy server 
and AAA/RADIUS server). 


NAPT 

(Network Address Port Translation) Similar 
to NAT, it (or PAT or NAT overloading) 
maps private host IP addresses onto a 
single public IP address. Each host is 
tracked by assigning it a random high TCP 
port for communications. 


NAS 

(Network Attached Storage) A storage 
device with an embedded OS that 
supports typical network file access 
protocols (TCP/IP and SMB, for instance). 
These may be subject to exploit attacks 
(though using an embedded OS is often 
thought of as more secure as it exposes a 
smaller attack "footprint"). The 
unauthorized connection of such devices 
to the network is also a concern. 


NAT 

(Network Address Translation) A network 
service provided by router or proxy server 
to map private local addresses to one or 
more publicly accessible IP addresses. NAT 
can use static mappings but is most 
commonly implemented as Network 
Address Port Translation (NAPT) or NAT 
overloading, where a few public IP 
addresses are mapped to multiple LAN 
hosts using port allocations. 


native resolution 
The fixed resolution for LCD or other flat 
panel display devices. 


Negative Acknowledgement 

(NACK) On a TCP/IP network, when using 
TCP and the data is delivered in a
damaged state, a NACK packet is sent back 
to the sender to force retransmission of 
the data. 


NetBEUI 

A proprietary Microsoft network transport 
protocol typically found in non-routed 
networks. Fast and efficient, but not widely 
supported by third parties. Largely 
forgotten in these days of TCP/IP. 


NetBIOS 

NetBIOS is a session management 
protocol used to provide name registration 
and resolution services on legacy 
Microsoft networks. WINS provides 
NetBIOS name resolution. See also 
NetBEUI. 


NetBT 

(NetBIOS over TCP/IP) NetBIOS that was 
re-engineered to work over the TCP and 
UDP protocols. 


network 

Two or more computer systems linked 
together by some form of transmission 
medium that enables them to share 
information. 


network drive 
A local share that has been assigned a 
drive letter. 


network firewall 
A firewall placed inline in the network that 
inspects all traffic that passes through it. 


network ID 

In an IP address, the portion of the 
address that is common to all hosts on the 
same IP network. 


Network Interface layer 

In the TCP/IP suite, the layer responsible 
for putting frames onto the physical 
network. 


network mapping 

Tools used to gather information about 
the way the network is built and 
configured and the current status of hosts. 


network topology 

The shape or structure of a network is 
commonly described as its topology. 
Topologies may be either physical (the 
actual appearance of the network layout) 
or logical (the flow of data across the 
network). In a star topology, nodes are 
connected to a single point while in a hub 
topology, all nodes connect to the same 
media and share bandwidth. A ring 
topology means that communications 
travel from node-to-node in a loop. In a
full mesh network, each node is linked to 
every other node, but partial meshes are 
far more common. A hybrid topology uses 
elements of different topologies, such as a
logical bus but physical star. 


NFC 

(Near Field Communications) A standard
for peer-to-peer (2-way) radio 
communications over very short (around 
4") distances, facilitating contactless 
payment and similar technologies. NFC is 
based on RFID. 


NFS 

(Network File System) A remote file access 
protocol used principally on UNIX and 
Linux networks. 


NIC 

(Network Interface Card) An expansion
card that enables a PC to connect to a LAN. 
Also referred to as a network adapter. 


NIST 

(National Institute of Standards and 
Technology) Develops computer security 
standards used by US federal agencies and 
publishes cybersecurity best practice 
guides and research. 


NLA 

(Network Level Authentication) An RDP 
technology requiring users to authenticate 
before a server session is created. 


non-parity 

System memory that does not perform 
error checking (except for the startup 
memory count). 


notification shade 

An Android feature that is accessed by 
swiping down from the top of the display 
to access Android OS feature settings. 


NTFS 

(NT File System) A Windows file system 
that supports a 64-bit address space and is 
able to provide extra features such as
file-by-file compression and RAID support as
well as advanced file attribute 
management tools, encryption, and disk 
quotas. 


NVMe 

(Non-volatile Memory Express) An 
interface for connecting flash memory 
devices, such as SSDs, directly to a PCI
Express bus. NVMe allows much higher
transfer rates than SATA/AHCI.


NVMHCI 

(Non-Volatile Memory Host Controller 
Interface Specification) A logical interface 
used by PCIe-based SSD drives to
communicate with the bus. 


objects 
A data structure in Windows that 
represents system resources. 


OCP 

(Overcurrent Protection) A power supply 
rail safety feature that cuts the circuit if the 
power exceeds a safe limit. 


OCR 

(Optical Character Recognition) Software 
that can identify the shapes of characters 
and digits to convert them from printed 
images to electronic data files that can be 
modified in a word processing program. 
Intelligent Character Recognition (ICR) is an 
advanced type of OCR, focusing on 
handwritten text. 


octet 
32 bit addresses subdivided into four 
groups of 8 bits (1 byte). 


ODBC Data Sources 
See Data Sources. 


offline files 

Files (or folders) from a network share that 
are cached locally. The Offline Folders tool 
handles synchronization between the local 
and remote copies. 


OLED display 

(organic light emitting diode display) A 
type of LED flat panel display device that 
uses organic compounds that emit light 
when subjected to an electric current. 


on-access 
A type of antivirus scan where the AV
software intercepts OS calls to open files,
so that it can scan the file before allowing 
or preventing the file from being opened. 


onboard adapter 
A low-end adapter included with the 
motherboard or as part of the CPU itself.


onboarding

The process in which MDM software logs 
use of a device on the network and 
determines whether to allow it to connect 
or not, based on administrator-set 
parameters. 


online social lives 

An online way to interact with other 
people using sites such as Facebook, 
Twitter, and Instagram. 


open questions 

Questions that guide the customer to 
telling you what will be most helpful in 
resolving their issue. 


open source 
Open source means that the programming 
code used to design the software is freely 
available. 


operating system 

A software package that enables a 
computer to function. It performs basic 
tasks, such as recognizing the input from a
keyboard, sending the output to a display 
screen or monitor, and controlling 
peripheral devices such as disk drives and 
printers. 


options 
The modifiers used with Linux commands 
to make a command more versatile. 


OS X 
The name of the Apple operating system 
from 2001 through 2016. 


OSD 

(on-screen display) Display configuration 
menus that show up on the monitor and 
that you interact with by using buttons on 
the monitor case. 


OTP 

(one time password) A password that is 
generated for use in one specific session 
and becomes invalid after the session 
ends. 


OU 

(Organizational Unit) In Windows Active 
Directory, a way of dividing the domain up 
into different administrative realms. 


overclocking 

Manually setting the CPU and chipset to 
run at a faster speed than advised by the 
manufacturer. Some CPUs are better 
suited to overclocking than others and the 
system will generally need a better cooling 
system to cope with the increased thermal 
output. 


PaaS 

(Platform as a Service) A cloud computing 
service that enables consumers to rent 
fully configured systems that are set up for 
specific purposes. 


packet filtering 

A type of firewall that inspects the headers 
of IP packets and can perform filtering on 
IP address, protocol type, and port 
numbers. 


page description language 

(PDL) A high-level computer language used 
to describe the contents and the layout of 
the information to be printed on a page 
through PDL commands. 


pagefile 
See virtual memory. 


PAN 

(Personal Area Network) Close range 
networking (usually based on Bluetooth or 
NFC) allowing communications between 
personal devices, such as smartphones, 
laptops, and printers/peripheral devices. 


paper jam 

Occurs when paper does not feed through 
the printer properly, resulting in pages 
that are stuck within the paper feed 
mechanism, often crumpled or torn. 


parent directory 
A directory that is one level above your 
current working directory. 


parity checking 

An error checking method where each 
byte of data in memory is accompanied by 
a ninth bit used to check for corrupted 
data. 


partitioning 

The act of dividing a physical disk into 
logically separate storage areas, often 
referred to as drives.


passive cooling device

A CPU generates a large amount of heat 
that must be dissipated to prevent 
damage to the chip. Generally, a CPU will 
be fitted with a heatsink (a metal block 
with fins) and fan. Thermal compound is 
used at the contact point between the chip 
and the heatsink to ensure good heat 
transfer. The PSU also incorporates a fan 
to expel warm air from the system. 
Modern motherboards have temperature 
sensors that provide warning of 
overheating before damage can occur. 
Very high performance or overclocked 
systems or systems designed for quiet 
operation may require more sophisticated 
cooling systems, such as liquid cooling. 
Cooling systems that work without 
electricity are described as passive; those 
requiring a power source are classed as 
active. 


password policy 

A weakness of password-based 
authentication systems is when users 
demonstrate poor password practice. 
Examples include choosing a password 
that is too simple, reusing passwords for 
different tasks, writing a password down, 
and not changing a password regularly. 
Some of these poor practices can be 
addressed by system policies; others are 
better approached by education. 


PAT 

(portable appliance testing) In the UK, 
Australia, and New Zealand, the process 
for inspecting and testing electrical 
equipment to ensure its safety. 


PAT 
(port address translation) Another term for 
NAT overloading or NAPT. 


PATA 

(Parallel Advanced Technology 
Attachment) Used to be the main disk 
interface for PCs. The interface was very 
commonly called IDE (Integrated Drive 
Electronics) or Enhanced IDE (EIDE). Each 
PATA adapter supports two devices, 
commonly called master and slave. A drive 
is connected to the bus by a 40-pin ribbon 
cable. The PATA interface has been 
replaced by SATA. 


patch 

A fix or update for a software program or 
application, designed to eliminate known 
bugs or vulnerabilities and improve 
performance. 


Patch Management 

Identifying, testing, and deploying OS and 
application updates. Patches are often 
classified as critical, security-critical, 
recommended, and optional. 


Patch Tuesday 
The second Tuesday of every month when 
Microsoft releases updates. 


pattern lock 

To access a locked device, the user must 
trace a predetermined pattern on screen, 
or join the dots. 


PCI bus 

(Peripheral Component Interconnect bus) 
Introduced in 1995 with the Pentium 
processor, it connects the CPU, memory, 
and peripherals to a 32-bit bus working at 33
MHz. PCI supports bus mastering, IRQ 
steering, and Plug-and-Play. Later versions 
defined 64-bit operation and 66 MHz clock 
but were not widely adopted on desktop 
PCs. 


PCI DSS 

(Payment Card Industry Data Security 
Standard) Information security standard 
for organizations that process credit or 
bank card payments. 


PCIe

(PCI Express) An expansion bus standard 
using serial communications. Each device
on the bus can create a point-to-point link 
with the I/O controller or another device. 
The link comprises one or more lanes (x1, 
x2, x4, x8, x12, x16, or x32). Each lane 
supports a full-duplex transfer rate of 250 
MBps (v1.0), 500 MBps (v2.0), or 1 GBps 
(v3.0). The standard is software compatible 
with PCI, allowing for motherboards with 
both types of connectors. 


PDU 

(power distribution unit) A device designed 
to provide power to devices that require 
power, and may or may not support 
remote monitoring and access.


peer-to-peer network

In peer-to-peer networks there is no 
dedicated server, but instead, each 
computer connected to the network acts 
as both a server and client (each computer 
is a peer of the other computers). These 
types of networks were originally 
developed as a low-cost alternative to 
server-based systems for use in smaller 
companies and organizations where there 
are up to about ten users. A major 
drawback to this type of network is a 
comparative lack of security whereby each 
user must control access to resources on 
his/her machine. 


permissions 

To access files and folders on a volume, 
the administrator of the computer will 
need to grant file permissions to the user 
(or a group to which the user belongs). File 
permissions are supported by NTFS-based 
Windows systems. 


personal firewall 

A firewall implemented as applications 
software running on the host. Personal 
software firewalls can provide 
sophisticated filtering of network traffic 
and also block processes at the application 
level. However, as a user-mode application 
they are more vulnerable to attack and 
evasion than kernel mode firewalls or 
network firewall appliances. 


PGA 

(Pin Grid Array) A CPU socket form factor 
where pins are located on the bottom of 
the processor to fit in the matching holes 
in the motherboard socket. PGA-type 
sockets are still used by AMD but Intel has 
switched to Land Grid Array (LGA), where 
the pins are located on the socket rather 
than the chip. 


PGP 

(Pretty Good Privacy) Email encryption 
product providing message confidentiality 
and integrity using web of trust PGP 
certificates. 


pharming 

Similar to phishing, this type of social 
engineering attack redirects a request for 
a website, typically an e-commerce site, to 
a similar-looking, but fake, website. The
attacker uses DNS spoofing to redirect the
user to the fake site. 


PHI 

(Protected Health Information) 
Information that identifies someone as the 
subject of medical and insurance records, 
plus associated hospital and laboratory 
test results. 


phishing 

Obtaining user authentication or financial 
information through a fraudulent request 
for information. Phishing is specifically 
associated with emailing users with a link 
to a faked site (or some other malware 
that steals the information they use to try 
to authenticate). Pharming is a related 
technique where the attacker uses DNS 
spoofing to redirect the user to the fake 
site. Vishing refers to phishing attacks 
conducted over voice channels (VoIP), 
while spear phishing or whaling refers to 
attacks specifically directed at managers or 
senior executives. 


photopolymer 

A polymer material that is sensitive to 
light, and changes its properties when 
exposed to a light source. 


pickup roller 
Roller that turns above a stack of paper to 
feed a sheet into the feed roller. 


PID 
See Process ID. 


piezoelectric printing 

Ink delivery system in an inkjet printer 
that uses a tiny element that changes 
shape to act as a pump used in Epson 
printers. 


PII 

(Personally Identifiable Information) Data 
that can be used to identify or contact an 
individual (or in the case of identity theft, 
to impersonate them). A Social Security 
number is a good example of PII. Others 
include names, date of birth, email 
address, telephone number, street 
address, biometric data, and so on. 


pipe symbol 
A vertical bar typed between commands to 
pipe or redirect the results or output of 
one command as the input to another
command. 


pits 
In optical storage media, recessed areas 
on the disk. 


PIV Card 

(Personal Identification Verification card) 
Smart card standard for access control to 
US Federal government premises and 
computer networks. 


pixel 

The smallest discrete element on a display. 
A single pixel is composed of a red, a blue, 
and a green dot. 


PKI 

(Public Key Infrastructure) Asymmetric 
encryption provides a solution to the 
problem of secure key distribution for 
symmetric encryption. The main problem 
is making a link between a particular 
public-private key pair and a specific user. 
One way of solving this problem is through 
PKI. Under this system, keys are issued as 
digital certificates by a Certificate Authority 
(CA). The CA acts as a guarantor that the 
user is who he or she says he or she is. 
Under this model, it is necessary to 
establish trust relationships between users 
and CAs. In order to build trust, CAs must 
publish and comply with Certificate 
Policies and Certificate Practice 
Statements. 


plenum 

An air handling space, including ducts and 
other parts of the HVAC system in a
building. 


plenum cable 

A grade of cable that does not give off 
noxious or poisonous gases when burned. 
Unlike PVC cable, plenum cable can be run 
through the plenum and firebreak walls. 


Plug and Play 
See UPnP. 


PNAC 

(Port-based Network Access Control) An 
IEEE 802.1X standard in which the switch 
(or router) performs some sort of 
authentication of the attached device 
before activating the port. 


PoE 

(Power over Ethernet) Specification 
allowing power to be supplied via switch 
ports and ordinary data cabling to devices 
such as VoIP handsets and wireless access 
points. Devices can draw up to about 13 W 
(or 25 W for PoE+). 


pointing device 

A peripheral used to move a cursor to 
select and manipulate objects on the 
screen. 


policy 

A subset of a security profile, and a 
document that outlines the specific 
requirements and rules everyone must 
meet. 


PoP 

(Point of Presence) The equipment that 
allows a location, facility, home, or other 
point-of-access to connect to the Internet. 


POP3

(Post Office Protocol) A TCP/IP application 
protocol providing a means for a client to 
access email messages stored in a mailbox 
on a remote server. The server usually 
deletes messages once the client has 
downloaded them. POP3 utilizes TCP port 
110. 


port (logical) 

In TCP and UDP applications, a port is a 
unique number assigned to a particular 
application protocol (such as HTTP or 
SMTP). The port number (with the IP 
address) forms a socket between client 
and server. A socket is a bi-directional pipe 
for the exchange of data. For security, it is 
important to allow only the ports required 
to be open (ports can be blocked using a 
firewall). 


port (physical) 

A hardware connection interface on a
personal computer that enables devices to 
be connected to the computer. 


port forwarding 

Port forwarding means that a router takes 
requests from the Internet for a particular 
application (say, HTTP/port 80) and sends 
them to a designated host on the LAN.


port number

The number between 0 and 65535 
assigned to each type of network 
application so that the transport layer can 
identify it. 


port replicator 

A simple device to extend the range of 
ports (for example, USB, DVI, HDMI, 
Thunderbolt, network, and so on) available 
for a laptop computer when it is used at a 
desk. 


port scanning 

Software that enumerates the status of
TCP and UDP ports on a target system.
Port scanning can be blocked by some
firewalls and IDS.


port triggering 

Port triggering is used to configure access 
through a firewall for applications that 
require more than one port. Basically, 
when the firewall detects activity on 
outbound port A destined for a given 
external IP address, it opens inbound 
access for the external IP address on port 
B for a set period. 


POST 

(Power-On Self-Test) A hardware checking 
routine built into the PC firmware. This test 
sequentially monitors the state of the 
memory chips, the processor, system 
clock, display, and firmware itself. Errors 
that occur within vital components such as 
these are signified by beep codes emitted 
by the internal speaker of the computer. 
Further tests are then performed and any 
errors displayed as on-screen error codes 
and messages. 


POTS 

(Plain Old Telephone System) Parts of a 
telephone network "local loop" using 
voice-grade cabling. Analog data transfer 
over POTS using dial-up modems is slow 
(33.3 Kbps). DSL technologies make better 
use of the bandwidth available, but are not 
accessible over all of the network. 


power 
The rate at which electricity is drawn from 
the supply by the device using it, 
measured in Watts. 


power drain 

When apps, especially malware or rogue 
apps, use excessive power and quickly 
drain the battery of a mobile device. 


power injector 

Used when an existing switch does not 
support PoE. When a device is connected 
to a port on a PoE switch, the switch goes 
through a detection phase to determine 
whether the device is PoE-enabled. If not, 
it does not supply power over the port and 
therefore does not damage non-PoE 
devices. If so, it determines the device's 
power consumption and sets the supply 
voltage level appropriately. 


power management 

Computers and hardware supporting a 
power management specification such as 
ACPI (Advanced Configuration Power 
Interface) can enter power-saving or 
standby modes that can be reactivated 
from the host. 


power rating 

The maximum power output available 
from a PC power supply, measured in 
watts, calculated as voltage multiplied by 
current. 


power redundancy 
A duplicate power source to be used in 
case one power source is unavailable. 


power supply tester 
A type of meter designed to test PC Power 
Supply Units. 


PPP 

(Point-to-Point Protocol) Dial-up protocol 
working at layer 2 (Data Link) used to 
connect devices remotely to networks. 
Often used to connect to an ISP's routers 
and out to the Internet. PPPoE (PPP over 
Ethernet) or PPPoA (PPP over ATM) are 
used to provide broadband connections 
(over DSL or cable Internet, for instance). 


PPPoA 

(PPP over ATM) The PPP protocol is used 
with the ATM transport protocol by DSL 
providers. 


PPPoE 

(PPP over Ethernet) PPP packets are 
encapsulated within Ethernet frames for 
transport by DSL providers. 


PRI 

(Preferred Roaming Index) An index that 
works with the PRL to provide the best 
data/voice quality to a phone while 
roaming. 


PRI 

(Primary Rate Interface) A class of ISDN 
service that provides either T1 or E1 
capacity levels (23B or 30B) channels, 
depending on location in the world, and 
one 64 Kbps D channel. 


primary charge roller 
See cleaning unit. 


primary group 

In Linux, users can be members of one 
primary group and multiple supplemental 
groups. 


print driver 
Software that provides an interface 
between the print device and Windows. 


print head 

In a dot matrix printer, pins that are fired 
by solenoids are secured to a moving 
carriage that sweeps across the paper and 
the pins make contact with the ribbon to 
press it against the paper to create 
images. In an inkjet printer, the print head 
is typically contained in the ink cartridge 
although Epson inkjet printers include the 
printhead as part of the printer instead. 


print job 

The output produced by an application 
and passed to the printer, and then to the 
print device via a print monitor and port. 


print languages 

The language used by printers to interpret 
output from the computer as printable 
text and images. Some printers can use 
multiple print languages. 


print monitor 
In Windows, the print monitor is a process
that checks the print queue
(%SystemRoot%\System32\Spool\Printers\) for print jobs.
When they arrive, they are processed, if
necessary, then passed via a print port to
the print device.


printer 

An output device that produces text and 
images from electronic content onto 
physical media such as paper or 
transparency film. 


printer technology 

The mechanism used in a printer to create 
images on paper. It determines the quality, 
speed, and cost of the output. 


printer type 

The mechanism used to make images on 
the paper. Also referred to as printer 
technology. 


privacy filter 
A filter to fit over a display screen so that it 
can only be viewed straight-on. 


privacy screen 
A filter to fit over a display screen so that it 
can only be viewed straight-on. 


private address 

IP addresses in ranges defined by RFC1928 
which are not allowed to route traffic over 
the Internet, with those addresses being
confined to private LANs. 


PRL 

(Preferred Roaming List) A database built 
by CDMA service carriers to indicate which 
radio bands should be used when 
connecting to a cell tower. 


problem management 
A method of identifying, prioritizing, and 
establishing ownership of incidents. 


procedure 
An inflexible, step-by-step listing of the 
actions that must be completed for any 
given task. 


Process ID 
Also PID. The number assigned to a 
process. 


processor 
See CPU.


professionalism
Taking pride in one's work and in treating 
people fairly. 


profile of security requirements 

A set of policies to apply for different 
employees and different site areas within 
a site. 


program 
Software that provides functionality such 
as word processing, graphics creation, 
database management, or other 
productivity or entertainment uses. 


proper documentation 

A record of what will be done so that the 
customer knows what to expect in terms 
of items that are supported, how long 
incidents may take to resolve, when they 
can expect an item to be replaced instead 
of repaired, and so on. 


prosumer 
A combination of the words professional 
and consumer, typically referring to an 
amateur user who uses professional level 
devices. 


protocol 

Rules and formats enabling systems to 
exchange data. A single network will 
involve the use of many different 
protocols. In general terms, a protocol 
defines header fields to describe each 
packet, a maximum length for the payload, 
and methods of processing information 
from the headers. 


protocol suite 
A collection of several protocols used for 
networking that are designed to work together.


proxy server 
A server that mediates the 
communications between a client and 
another server. The proxy server can filter 
and often modify communications as well 
as provide caching services to improve 
performance. 


PSE 

(Power Sourcing Equipment) Network 
switches that provide power through the 
Ethernet cable to connected devices. 


pseudocode 

Writing out a program sequence using 
code blocks but without using the specific 
syntax of a particular programming 
language. 


PSK 

(Pre-shared Key) Symmetric encryption 
technologies, such as those used for WEP, 
require both parties to use the same 
private key. This key must be kept a secret 
known only to those authorized to use the 
network. A pre-shared key is normally 
generated from a passphrase. 


PSTN 

(Public Switched Telephone Network) 
National telecommunications systems 
have evolved and combined over the years 
to create a global (and indeed
extra-terrestrial) communications network. This
is referred to as the Public Switched 
Telephone Network (PSTN) but it is 
capable of carrying more than simply 
voice-call services. The basis of PSTN is a 
circuit-switched network, but the 
infrastructure can also carry
packet-switched data services.


PSU 

(Power Supply Unit) Transformer that 
converts AC mains power into 3.3 V, 5 V,
and 12 V DC to power components on the 
motherboard. The type of PSU must match 
the case and motherboard form factor. 


PVR 

(personal video recorder) Software 
installed on a home theater PC (HTPC) to 
record and watch TV broadcasts. 


PXE 

(Preboot Execution Environment) A feature 
of a network adapter that allows the 
computer to boot by contacting a suitably 
configured server over the network (rather 
than using a local hard disk). 


QC

(Quick Charge) A Qualcomm fast charging 
technology that also has a second chip for 
power management that allows higher 
wattage than is allowed by the USB 
standard without overheating.


QoS

(Quality of Service) Systems that 
differentiate data passing over the 
network that can reserve bandwidth for 
particular applications. A system that 
cannot guarantee a level of available 
bandwidth is often described as Class of 
Service (CoS). 


QR codes 

(Quick Response codes) A 2D barcode 
created of black and white squares used to 
store information that can be read using a 
barcode scanner or the camera on a
smartphone that has a barcode scanning 
app installed. 


quality updates 

Windows updates that are typically 
released each Tuesday designed to 
address security vulnerabilities, usually 
installed in one group of patches and 
requiring a single reboot. Compare with 
feature updates. 


Quick Response codes 
See QR codes. 


radio firmware 

An operating system that is separate from 
the end-user operating system in a mobile 
device. 


RADIUS 

(Remote Authentication Dial-in User 
Service) Used to manage remote and 
wireless authentication infrastructure. 
Users supply authentication information to 
RADIUS client devices, such as wireless 
access points. The client device then 
passes the authentication data to an AAA 
(Authentication, Authorization, and 
Accounting) server, which processes the 
request. 


RAID 

(Redundant Array of Independent/Inexpensive
Disks) A set of vendor-independent
specifications for fault-tolerant
configurations on multiple-disk
systems. 


rainbow table 

Tool for speeding up attacks against 
Windows passwords by precomputing 
possible hashes. 


RAM 

(Random Access Memory) The principal 
storage space for computer data and 
program instructions. RAM is described as 
being volatile in the sense that once power 
has been removed or the computer has 
been rebooted, data is lost. 


range extender 
See wireless range extender. 


ransomware 
A type of malware that tries to extort 
money from the victim, by appearing to 
lock their computer or by encrypting their 
files, for instance. 


rapid elasticity 

The ability to scale cloud computing 
resources quickly to meet peak demand 
and just as quickly remove resources if 
they are not currently needed. 


raster 
A bitmap image of a page for printing. See 
also Raster Image Processing. 


RAW 

When applied to a print job, RAW means 
the job is fully rendered and ready to be 
passed to the print device without further 
processing. 


RDPRA Mode 

(RDP Restricted Admin Mode) A method of 
mitigating the risk of using Remote 
Desktop. 


real time 
The date and time that are maintained by 
the Real Time Clock. 


rear panel 

The portion of the system case with
cut-out slots aligned with the position of
adapter card slots. 


recovery disc 

OEM recovery media enabling the user to 
reset the system to its factory 
configuration. 


recovery image 

A custom image that contains the current
state of the operating system files, plus all
of the desktop applications installed to the
boot partition.


redirection

When the user tries to open a web page 
but is sent to another page (which may or 
may not look like the page the user was 
attempting to access). 


reference machine 

The process of Windows deployment to 
multiple computers by using disk imaging 
software to clone an installation from one 
PC to the rest. 


refresh rate 

The picture displayed on a CRT monitor is 
updated (by vertical refreshing) many 
times per second. The more times the 
image is refreshed, the more stable and 
flicker-free the picture. On flat panels, 
there is no flicker as each pixel is not 
redrawn but only updated. Flat panels can 
suffer from motion blur and ghosting, 
however, and better refresh rates can 
reduce these issues. 


regex 
(regular expressions) Strings of characters 
that denote a word, a set of words, or a 
sentence. 


register 

Registers are temporary storage areas in 
the CPU that can hold data prior to 
processing by the Arithmetic Logic Unit 
(ALU) and other components of the 
processor. A CPU can incorporate a 
number of different registers, but the 
most important are the General Purpose 
(GP) registers. 


registration roller 
Roller equipped with a sensor that feeds 
paper into the print engine. 


relational operators 
See comparison operator. 


relative distinguished name 

In an LDAP directory, the most specific 
attribute in the distinguished name that 
uniquely identifies the object within the 
context of successive (parent) attribute 
values. 


relative path 
The path relative to the current working 
directory. 


remnant removal 

Data that has nominally been deleted from 
a disk by the user can often be recovered 
using special tools. The best way to shred 
data without physically destroying a disk is 
to ensure that each writable location has 
been overwritten in a random pattern. 


Remote Assistance 

A Windows remote support feature 
allowing a user to invite a technical 
support professional to help them over a 
network using chat. The user can also 
grant the support professional control 
over their desktop. Remote Assistance 
uses the same RDP protocol as Remote 
Desktop. 


Remote Credential Guard 
A method of mitigating the risk of using 
Remote Desktop. 


Remote Desktop 

The Windows feature that allows a remote 
user to initiate a connection at any time 
and sign on to the local machine using an 
authorized account. 


remote wipe 

Software that allows deletion of data and 
settings on a mobile device to be initiated 
from a remote server. 


removable storage 

A storage device that can be removed 
from the computer, or the removable 
media that can be inserted in a drive, to 
store portable data. 


repeater 

A repeater is a layer 1 device that takes a 
signal and repeats it to the devices that are 
connected to it. Repeaters can be used to 
maintain signal integrity and amplitude 
across a connection or a network. 


replay attack 

Where the attacker intercepts some 
authentication data and reuses it to try to 
re-establish a session. 


rescue disk 
See recovery disc. 


reserve 
In DHCP servers, particular IP addresses 
are set aside for and assigned to specific 
devices so that those devices receive the
same IP address each time. 


resistance 

Resistance (R) describes the property of a 
material to prevent electrical flow through 
itself. Metals have little electrical 
resistance whereas plastics and rubber 
have very high resistance and in most 
cases will not allow electrical current to 
pass through them. The resistance of a 
body to electrical current is measured in 
Ohms (Ω or R) and is related to potential
difference (V) and current (I) by the 
equation V=IR. 


resistor 

A component that opposes the flow of 
current without blocking it completely and 
is used to manage electronic circuits. 


resolution 

A measure of the number of picture 
elements (pixels) that an imaging device 
can use to sample or display the image, 
measured in pixels per inch (ppi). On a 
digital printer, the resolution is the 
number of toner or ink dots that the print 
engine can put on paper (measured in 
dots per inch [dpi]). Note that sometimes 
dpi is used interchangeably with ppi to 
describe scanner or monitor resolution, 
but image pixels and printer dots are not 
equivalent, as multiple print dots are 
required to represent a single image pixel 
accurately. 


resolution (digital camera) 
The number of megapixels a digital 
camera is capable of producing. 


resource pooling 

A cloud provider's data center hardware is 
not dedicated or reserved for a particular 
customer account, allowing the provider to 
provision more resources through 
management software rather than 
physically altering hardware to allocate or 
deallocate resources for a customer. 


respect 
Treating others and their property as you 
would like to be treated. 


response rate 
The time taken for a pixel to change color, 
measured in milliseconds (ms). 


restore points 

System Restore takes a snapshot of the 
system configuration and enables 
rollbacks to these restore points. 


RF 

(Radio Frequency) Radio waves propagate
at different frequencies and wavelengths.
Wi-Fi network products work at 2.4 GHz or
5 GHz.


RFC 

(Request for Change) In change 
management, the formal document 
submitted to the CAB that has the details 
of the proposed alteration. 


RFID 

(Radio Frequency Identification) A chip 
allowing data to be read wirelessly. RFID 
tags are used in barcodes and smart cards. 


RFID badge 

(Radio Frequency Identification badge) An 
ID badge containing a chip allowing data to 
be read wirelessly. 


RFID tag 
A tag containing an RFID chip programmed 
with asset data. 


ribbon 

In an impact printer, the inked medium 
against which pins press to create the 
image. 


RIP 

(Raster Image Processing) The component 
responsible for converting instructions in 
the Page Description Language (PDL) to 
instructions that control the print engine 
(an inkjet's ink dispersion nozzles or a 
laser printer's developer laser, for 
instance). A PDL might contain instructions 
for printing vector graphics and fonts; the 
RIP translates these instructions into a 
pattern of dots (raster) at the required 
resolution. 


riser card 

A space-saving feature of some 
motherboards, a riser card puts the PC's 
expansion slots on a separate board 
installed at right-angles to the main board. 
This allows the system components to fit 
within a slimline case. 


risk 

The likelihood and impact (or 
consequence) of a threat actor exercising a 
vulnerability. 


RJ connector 

(Registered Jack connector) A connector 
used for twisted pair cabling. 4-pair 
network cabling uses the larger RJ-45 
connector. Modem/telephone 2-pair 
cabling uses the RJ-11 connector. 


RJ-11 connector 

A six-position connector that uses just one 
pair of wires. It is used in telephone 
system connections. 


RJ-45 connector 

An eight-position connector that uses all 
four pairs of wires. It is usually used for 
network connectivity. 


roaming profile 

A Microsoft Windows technology that 
redirects user profiles to a network share 
so that the information is available when 
the user logs into any computer on the 
network where the network share is 
located. 


rogue access point 

An unauthorized wireless access point on 
a corporate or private network, which 
allows unauthorized individuals to connect 
to the network. 


rogue VM 

(rogue virtual machine) A virtual machine 
that has been installed without 
authorization. 


root directory 
Top of the file directory structure on a 
drive. 


root user 

A user who has access rights to all files and 
resources on the system and is the default 
administrative account on a Linux system. 


rooting 

Gaining privileged level or root level access 
to an Android device to enable modifying 
code or installing software not intended 
for the device. 


rootkit 

A class of malware that modifies system 
files, often at the kernel level, to conceal its 
presence. 


rotational latency 
The time it takes for the read/write head to 
find a sector location. 


router 

A network device that links dissimilar 
networks and can support multiple 
alternate paths between locations based 
upon the parameters of speed, traffic 
loads, and cost. A router works at layer 3 
(Network) of the OSI model. Routers form 
the basic connections of the Internet. They 
allow data to take multiple paths to reach 
a destination (reducing the likelihood of 
transmission failure). Routers can access 
source and destination addresses within 
packets and can keep track of multiple 
active paths within a given source and 
destination network. TCP/IP routers on a 
LAN can also be used to divide the 
network into logical subnets. 


routine 

A section of code within a program that is 
used repeatedly for a specific task and is 
usually independent from the rest of the 
code within the program. 


rpm 
(Red Hat Package Manager) A tool for 
maintaining packages in Red Hat Linux 
systems. 


RPO 

(Recovery Point Objective) The amount of 
data loss that a system can sustain, 
measured in time. See also recovery time 
objective. 


RS-232 
A serial port that uses a 25-pin male D 
connector. (See also serial port). 


RSA 

(Rivest Shamir Adleman) The first 
successful algorithm to be designed for 
public key encryption. It is named for its 
designers. 


RSoP 
(Resultant Set of Policies) In Windows 
systems, a Group Policy report showing all 
of the GPO settings and how they affect 
the network. It can also be used to show 
how GPOs affect user and computer 
combinations with the local security policy 
in effect. 


RSSI 

(Received Signal Strength Indicator) For a 
wireless signal, an index level calculated 
from the signal strength level. 


RTC 

(real time clock) Part of the system chipset 
that keeps track of the date and time. The 
RTC is powered by a battery so the PC 
keeps track of the time even when it is 
powered down. If the computer starts 
losing time, it is a sign that the battery is 
failing. 


RTC battery 

(real time clock battery) The battery that 
powers the chipset that keeps track of 
date and time for the system. 


RTO 

(Recovery Time Objective) The period 
following a disaster that a system may 
remain offline. See also recovery point 
objective. 


RTOS 

(real-time operating system) An OS that is 
optimized for use in embedded or 
real-time apps. 


RVI 
(Rapid Virtualization Indexing) The term 
used for SLAT extensions by AMD. 


S.M.A.R.T. 

(Self Monitoring Analysis and Reporting 
Technology) Technology designed to alert 
the user to possible hard disk failures 
before the disk becomes unusable. 


S/MIME 

(Secure Multipurpose Internet Mail 
Extensions) Email encryption standard 
(Cryptographic Message Standard) using 
PKI (X.509) certificates for confidentiality 
(digital envelopes) and integrity (digital 
signatures). S/MIME provides extensions 
for standard MIME headers. 


S/PDIF 

(Sony/Philips Digital Interface) A 
high-quality audio port that uses coax cabling 
with RCA connectors or fiber optic cabling 
and connectors. S/PDIF supports surround 
sound speakers. 


SaaS 

(Software as a Service) A cloud computing 
service that enables a service provider to 
make applications available over the 
Internet. 


sag 
A sag can occur when the power supply 
entering a computer's components dips 
briefly below that which is required. Sags 
are commonly caused when heavy 
machinery or other high power appliances 
are started. 


SAM 

(Security Account Manager) The Windows 
local security account database where 
local system account information is stored. 


sample 
A sound pattern stored in a wave table. 


Samsung account 

An account created for Samsung Android 
devices used to access the Samsung 
devices and related online services. 


SAS 

(Serial Attached SCSI) Developed from 
parallel SCSI, SAS represents the highest 
performing hard disk interface available. 


SATA 

(Serial ATA) The most widely used interface 
for hard disks on desktop and laptop 
computers. It uses a 7-pin data connector 
with one device per port. There are three 
SATA standards specifying bandwidths of 
1.5 Gbps, 3 Gbps, and 6 Gbps, respectively. 
SATA drives also use a new 15-pin power 
connector, though adapters for the old 
style 4-pin Molex connectors are available. 
External drives are also supported via the 
eSATA interface. 


SC 
(Subscriber Connector) Push/pull 
connector used with fiber optic cabling. 


scalable fonts 
Fonts that are vector based. 


scanner 
A type of photocopier that can convert the 
image of a physical object into an 
electronic data file. The two main 
components of a scanner are the lamp, 
which illuminates the object, and the 
recording device, an array of CCDs (Charge 
Coupled Devices). There are flatbed and 
sheet-fed versions, with sheet-fed versions 
typically being incorporated with a printer 
and fax machine into a multifunction 
device. Scanners can output images 
directly to a printer or to a suitable file 
format (such as JPEG, PNG, or TIFF). 
Scanners can also interface with 
applications software using one of several 
interfaces (TWAIN, WIA, SANE, or ISIS). 


schematic 

A schematic is a simplified representation 
of a system. Physical network diagrams or 
schematics can show the general location 
of components and their identification. 
Logical network diagrams show the 
organization of the network into subnets 
and zones. 


screen lock 

A way to prevent unauthorized access to a 
computer or mobile device. Configuring a 
screen lock requires the user to enter a 
passphrase, complete a pattern, or enter a 
PIN to access the device. 


script file 

A text file containing commands or 
instructions that are performed by a 
program on the computer rather than by 
the computer itself. 


scripting language 
A programming language that is 
interpreted rather than compiled. 


SCSI 

(Small Computer Systems Interface) A 
legacy expansion bus standard allowing 
for the connection of internal and external 
devices. SCSI 1 defines the original 8-bit 
bus with a transfer rate of 5 MBps. SCSI 2 
features a 16-bit data bus implementation 
(Wide SCSI) and a faster transfer rate (Fast 
SCSI) while maintaining backward 
compatibility with most of the original 
devices. SCSI 3 introduces further data 
rate enhancements (Ultra SCSI) and a 
serial SCSI standard (Firewire). Each device 
on a SCSI bus must be allocated a unique 
ID. The bus must also be terminated at 
both ends. 


SDK 

(Software Development Kit) A set of 
resources provided by a platform vendor 
for programmers to use when creating 
software to work with the vendor's 
platform. 


SDN 

(Software Defined Networking) Application 
Programming Interfaces (API) and 
compatible hardware allowing for 
programmable network appliances and 
systems. 


SDRAM 

(Synchronous Dynamic Random Access 
Memory) A variant on the DRAM chip 
designed to run at the speed of the system 
clock, thus accelerating the periodic 
refresh cycle times. SDRAM can run at 
much higher clock speeds than previous 
types of DRAM. Basic SDRAM is now 
obsolete and has been replaced by 
DDR/DDR2/3 SDRAM. 


sector 

The regularly sized subdivision of a drive 
track. During low-level formatting, the size 
and position of the sectors is written to the 
disk so that the data can be placed into 
uniform spots that the drive head can 
easily access. 


secure boot 

A security system offered by UEFI that is 
designed to prevent a computer from 
being hijacked by malware. 


security control 

A technology or procedure put in place to 
mitigate vulnerabilities and risk and to 
ensure the Confidentiality, Integrity, and 
Availability (CIA) of information. Control 
types are often classed in different ways, 
such as technical, operational, and 
management. 


security group 

A collection of user accounts that can be 
assigned permissions in the same way as a 
single user object. 


security template 

Settings for services and policy 
configuration for a server operating in a 
particular application role (web server, 
mail server, file/print server, and so on). In 
Windows, the current configuration can be 
compared to the baseline defined in a 
security template using the Security 
Configuration and Analysis tool. 


seek time 
The time it takes for the read/write head to 
locate a particular track position. 


self-grounding 

Manual dissipation of static buildup by 
touching a grounded object prior to 
touching any electronic equipment. 


semiconductor 

A material that can act as both a conductor 
and an insulator, which provides 
switch-like functionality, where a circuit can be 
opened and closed, used to represent 
binary (on/off) digits. 


separation pad 

A stationary pad in a paper tray that 
pushes the stack of paper back, allowing 
only a single sheet of paper to be fed into 
the printer. 


separation roller 

A roller in a paper tray that pushes the 
stack of paper back, allowing only a single 
sheet of paper to be fed into the printer. 


serial port 

Asynchronous serial transmission (RS-232) 
is one of the oldest PC bus standards. A 
serial port is a legacy port that can be used 
to connect devices such as modems, mice, 
and Uninterruptible Power Supplies (UPS). 
Serial ports transmit data bit-by-bit using a 
single data line at a speed of up to about 
115 Kbps. Although the original serial port 
used a 25-pin male D connector, most PCs 
today use a male DB9 (9-pin) port. The 
serial port is now little used but does 
provide an "out-of-band" means of 
configuring network appliances such as 
switches and routers. 


server consolidation 

Using virtual servers to make more efficient 
use of system resources and hardware, 
since most servers' capacity is not fully 
utilized. 


server-side virtualization 

A solution in which one or more virtual 
servers are created on a physical server in 
which each virtual server acts like it was a 
separate computer. 


service 

Windows machines run services to provide 
functions; for example, Plug-and-Play, the 
print spooler, DHCP client, and so on. 
These services can be viewed, configured, 
and started/stopped via the Services 
console. You can also configure which 
services run at startup using msconfig. You 
can view background services (as well as 
applications) using the Processes tab in 
Task Manager. 


SFF 

(Small Form Factor) Motherboards and 
connectors that are designed to take up 
less space. 


SHA 

(Secure Hash Algorithm) A cryptographic 
hashing algorithm created to address 
possible weaknesses in MDA. The earlier 
SHA-1 has been superseded by SHA-2. 


shareware 

Software that you can install free of charge 
usually for a limited time of use or with 
limited functionality. To continue using it 
or to access additional features, the user 
will need to register and often pay for the 
software. 


sheet-fed scanner 
A scanner in which the paper is passed 
over a fixed scan head. 


shell 

An OS component that interacts directly 
with users and functions as the command 
interpreter for operating systems. 


shell script 

A Linux file that contains a list of 
commands to be read and executed by the 
shell. 


shoulder surfing 

A human-based attack where the goal is to 
look over the shoulder of an individual as 
he or she enters password information or 
a PIN. 


shredding 
Grinding a disk into little pieces. 


sideload 
See Android application package. 


silicon chip 

A wafer of purified silicon doped with a 
metal oxide (typically copper or 
aluminum). 


SIM 

(Subscriber Identity Module) A small chip 
card that identifies the user and phone 
number of a mobile device via an 
International Mobile Subscriber Identity 
(IMSI). A SIM card also provides a limited 
amount of local storage for contacts. 


single-channel memory 
Memory with one 64-bit bus between the 
CPU and RAM. 


SLA 

(stereolithography) A 3D printing method 
which uses a resin or photopolymer to 
create objects which are cured using an 
ultraviolet laser. 


SLAT 

(Second Level Address Translation) A 
feature of virtualization software designed 
to improve the management of virtual 
(paged) memory. 


slicing 
Creating horizontal layers to use in 3D 
modeling and 3D printers. 


slipstreamed media 

A disc-based installation that has all of the 
various updates, patches, and drivers 
included along with the original installation 
files. 


SLS 

(selective laser sintering) A 3D printing 
method which fuses layers together using 
a pulse laser, creating the object from a 
plastic or metal powder with the model 
being lowered into a tank as each layer is 
added. 


smart card 

A card with a chip containing data on it. 
Smart cards are typically used for 
authentication, with the chip storing 
authentication data such as a digital 
certificate. 


smart card reader 

A device, either built-in or attached as a 
peripheral, that uses a slot or NFC to 
interact with a smart card. 


SMB 

(Server Message Block) A protocol used for 
requesting files from Windows servers and 
delivering them to clients. SMB allows 
machines to share files and printers, thus 
making them available for other machines 
to use. SMB client software is available for 
UNIX-based systems. Samba software 
allows UNIX and Linux servers or NAS 
appliances to run SMB services for 
Windows clients. 


SMF 

(Single Mode Fiber) A category of fiber 
optic cable. SMF is more expensive than 
MMF (using high quality cable and optics) 
and supports much longer distances (up to 
about 70 km). 


SMP 

(symmetric multiprocessing) A condition 
where two or more physical CPUs that 
share a common OS and memory execute 
instructions simultaneously. 


SMT 
(Simultaneous Multithreading) Processing 
of multiple threads simultaneously. 


SMTP 

(Simple Mail Transfer Protocol) The 
protocol used to send mail between hosts 
on the Internet. Messages are sent over 
TCP port 25. 


SNMP 

(Simple Network Management Protocol) A 
protocol for monitoring and managing 
network devices. A management system 
collates data sent by agents running on 
each device. The agents maintain a 
Management Information Base of 
configuration and usage data. An agent 
can also generate a trap, alerting the 
management system of some notable 
event (such as a printer being out of 
paper). SNMP works over UDP ports 161 
and 162 by default. 


Snort 
An intrusion detection program. 


SNR 

(Signal-to-Noise Ratio) A sound 
measurement that is expressed in decibels 
that compares the signal power with the 
noise power. 


social engineering 

A hacking technique, widely publicized by 
Kevin Mitnick in his book "The Art of 
Deception," whereby the hacker gains 
useful information about an organization 
by deceiving its users or by exploiting their 
unsecure working practices. Typical social 
engineering methods include 
impersonation, domination, and charm. 


SODIMM 

(Small Outline Dual In-line Memory 
Module) Memory that is half the size of 
DIMMs, is available in 32- or 64-bit data 
paths, and is commonly found in laptops 
and iMac systems. 


soft reset 

Power cycling a mobile device in an 
attempt to resolve issues the user is 
experiencing. 


SOHO network 

(small office/home office network) A small 
network that provides connectivity and 
resource sharing for a small office or 
home office. 


solid state storage 

Any type of persistent digital storage 
technology that does not use mechanical 
parts. 


SOP 
(Standard Operating Procedure) See 
procedure. 


sound card 

An add-on card or built-in adapter to 
process audio signals and provide 
interfaces for connecting audio devices. 


spam 
Junk messages sent over email (or instant 
messaging [SPIM]). Filters and blacklists 
are available to block spam and known 
spam servers. It is also important to 
ensure that any mail servers you operate 
are not open relays, allowing a spammer 
to leverage your server to distribute spam 
and making it likely that it will be 
blacklisted. 


spear phishing 
See whaling. 


spike 

A spike can occur when electrical devices 
are turned off or when electrical storms 
are happening. Normally, spikes and 
surges are not sufficient to cause 
problems but occasionally big fluctuations 
may lead to the system crashing or 
hanging. 


spoofing 

Where the attacker disguises their identity. 
Some examples include IP spoofing, where 
the attacker changes their IP address, or 
phishing, where the attacker sets up a 
false website. 


Spotlight 
File system search feature in macOS. 


spyware 
Software that records information about a 
PC and its user. Spyware is used to 
describe malicious software installed 
without the user's consent. Aggressive 
spyware is used to gather passwords or 
financial information such as credit card 
details. 


SSD 

(solid state drive) A personal computer 
storage device that stores data in 
non-volatile special memory instead of on disks 
or tape. 


SSH 

(Secure Shell) A remote administration and 
file copy program that is flexible enough to 
support VPNs too (using port forwarding). 
SSH runs on TCP port 22. 


SSID 
(Service Set ID) Identifies a particular 
Wireless LAN (WLAN). This "network name" 
can be used to connect to the correct 
network. When multiple APs are 
configured with the same SSID, this is 
referred to as an E(xtended)SSID. 


SSL 

(Secure Sockets Layer) A security protocol 
developed by Netscape to provide privacy 
and authentication over the Internet. It is 
application independent (working at layer 
5 [Session]) and can be used with a variety 
of protocols, such as HTTP or FTP. Client 
and server set up a secure connection 
through PKI (X.509) certificates (optionally, 
both client and server can authenticate to 
one another). The protocol is now being 
developed as Transport Layer Security 
(TLS). 


SSO 

(Single Sign-on) Any authentication 
technology that allows a user to 
authenticate once and receive 
authorizations for multiple services. 
Kerberos is a typical example of an 
authentication technology providing SSO. 


SSTP 

(Secure Socket Tunneling Protocol) Uses 
the HTTP over SSL protocol and 
encapsulates an IP packet with an SSTP 
header. 


ST Connector 

(Straight Tip connector) Bayonet-style 
twist-and-lock connector for fiber optic 
cabling. 


standard 
A measure by which to evaluate 
compliance with a policy. 


standard client 

A business computer that performs most 
or all computing functions on its own. Also 
referred to as a thick client or a fat client. 


Standard User account 

A Microsoft Windows user account 
recommended for day-to-day operations, 
which has much more limited capabilities 
than the Administrator account, and is 
able to run installed programs. 


standoffs 

Used to firmly attach the motherboard to 
the case, ensuring no other part of the 
motherboard touches the case. 


static eliminator 
See detac corona. 


storage bus 
A special type of expansion bus dedicated 
to communicating with storage devices. 


stored value 

The area where programs keep variable 
and constant values while the program is 
running. 


STP 

(Shielded Twisted Pair cabling) A type of 
network cabling used where protection 
from interference is required. Insulation is 
installed around all four pairs of twisted 
cables. 


string 
Data type supporting storage of a variable 
length series of characters. 


structured cabling system 
The use of patch cords, permanent links, 
and patch panels. 


subnet mask 

An IP address consists of a Network ID and 
a Host ID. The subnet mask is used in IPv4 
to distinguish these two components 
within a single IP address. The typical 
format for a mask is 255.255.0.0. Classless 
network addresses can also be expressed 
in the format 169.254.0.0/16, where /16 is 
the number of bits in the mask. IPv6 uses 
the same /nn notation to indicate the 
length of the network prefix. 


subtractive color printing 
A color printing method that uses the 
reflective properties of inks. 


superpipelining 

Superscalar architectures feature longer 
pipelines with multiple stages but shorter 
actions (micro-ops) at each stage. 


superscalar architecture 

CPUs process multiple instructions at the 
same time (for example, while one 
instruction is fetched, another is being 
decoded, another is being executed, and 
another is being written back to memory). 


superuser 
Another term for the root user. 


supplicant 
Under 802.1X, the device requesting 
access. 


surge 
An abrupt but brief change in the value of 
the voltage, lasting from a few billionths of 
a second (a transient) to a few 
thousandths of a second. 


surge protector 

A simple device intended to protect 
electrical devices against the damaging 
effects of a power spike. 


Suricata 
An intrusion detection program. 


surround sound 
Placement of multiple speakers positioned 
around the listener to provide a cinematic 
audio experience. 


SVGA 

(Super VGA) A variant of the VGA standard 
that supported 800x600 pixel resolution 
with 4-bit or 8-bit color. 


swap partition 

A portion of the hard disk that is formatted 
with a minimal kind of file system and 
used in situations when Linux runs out of 
physical memory and needs more of it. It 
can only be used by the memory manager 
and not for storage of ordinary data files. 


Swift 
Apple's programming language for 
developing mobile apps. 


swipe lock 

Another term for unlocking a device by 
tracing a predetermined on screen pattern 
or joining dots on screen. 


switch 

Ethernet switches are at the heart of most 
local networks. A switch receives incoming 
data into a buffer, then the destination 
MAC address is compared with an address 
table. The data is then only sent out to the 
port with the corresponding MAC address. 
In a switched network, each port is in a 
separate collision domain 
(microsegmentation). Advanced switches 
perform routing at layers 3 (IP), 4 (TCP), or 
7 (Application). Switches routing at layer 
4/7 are referred to as load balancers and 
content switches. 


switches 
See options. 


syslog 

Used in UNIX and Linux, log files that allow 
for centralized collection of events from 
multiple sources. 


system board 
See motherboard. 


system case 

A plastic and metal box that houses 
components such as the motherboard, 
Central Processing Unit (CPU), memory, 
adapter cards, disk drives, and power 
supply unit. System units are also often 
referred to as boxes, main units, or base 
units. 


system clock 

The computer's timing mechanism that 
synchronizes the operation of all parts of 
the computer and provides the basic 
timing signal for the CPU; measured in 
MHz or GHz. 


system files 
The files necessary for the operating 
system to function properly. 


system firmware 

Low-level code to allow the computer 
components to be initialized and load the 
main operating system software. 


system memory 
The main storage area for programs and 
data when the computer is running. 


system partition 

In Microsoft terminology, the system 
partition is the bootable partition on the 
hard disk. This is usually, but not always, 
separate to the boot partition, which 
contains the operating system. The system 
partition is usually hidden from File 
Explorer (no drive letter is assigned to it). 


system resources 

Settings that enable a device to 
communicate with the CPU and memory 
without the device conflicting with other 
devices. 


system restore 
See restore points. 


T568A 

A legacy twisted pair standard that was 
used in commercial buildings and cabling 
systems that support data networks, voice, 
and video. It further defines cable 
performance and technical requirements. 


T568B 

A twisted pair standard that defines the 
standards for preferred cable types that 
provide the minimum acceptable 
performance levels for home-based 
networks. 


TA 

(Terminal Adapter) An external appliance 
or a plug-in card for a PC or compatible 
router that facilitates an ISDN connection. 


tab completion 

A feature in Linux that facilitates auto 
completion of commands and file names 
by pressing Tab. 


TACACS+ 

(Terminal Access Controller Access Control 
System) An alternative to RADIUS 
developed by Cisco. The version in current 
use is TACACS+; TACACS and XTACACS are 
legacy protocols. 


tailgating 

Social engineering technique to gain 
access to a building by following someone 
else (or persuading them to "hold the 
door"). 


Task Scheduler 

The Task Scheduler is a Windows program 
that enables the user to perform an action 
(such as running a program or a script) 
automatically at a pre-set time or in 
response to some sort of trigger. 


TB 
(Thunderbolt) It can be used as a display 
interface (like DisplayPort) and as a 
general peripheral interface (like USB 3). 
The latest version uses USB-C connectors. 


TCO 

(total cost of ownership) The cost of a 
device over its lifetime, including the cost 
of replacement components and 
consumables. 


TCP 

(Transmission Control Protocol) A protocol 
in the TCP/IP suite operating at the 
transport layer to provide 
connection-oriented, guaranteed delivery of packets. 
Hosts establish a session to exchange data 
and confirm delivery of packets using 
acknowledgements. This overhead means 
the system is relatively slow. 


TCP/IP Suite 

(Transmission Control Protocol/Internet 
Protocol suite) The network protocol suite 
used by most operating systems and the 
Internet. It is widely adopted, industry 
standard, vendor independent, and open. 
It uses a 4-layer network model that 
corresponds roughly to the OSI model as 
follows: Network Interface (Physical/Data 
Link), Internet (Network), Transport 
(Transport), Application (Session, 
Presentation, Application). 


telnet 

TCP/IP application protocol supporting 
remote command-line administration of a 
host (terminal emulation). Telnet is 
unauthenticated and has therefore been 
superseded by SSH or graphical remote 
configuration utilities. Telnet runs over TCP 
port 23. 


terminal window 

In Linux, a computer interface for text 
entry and display, where information is 
displayed as an array of preselected 
characters. 


tethered VR headset 
(tethered Virtual Reality headset) A 
self-contained VR device. 


tethering 

Using the cellular data plan of a mobile 
device to provide Internet access to a 
laptop or PC. The PC can be tethered to 
the mobile by USB, Bluetooth, or Wi-Fi (a 
mobile hotspot). 


TFT Active Matrix Display 

(Thin Film Transistor active matrix display) 
The TFT display provides the best 
resolution of all of the currently available 
flat-panel Liquid Crystal Display (LCD) 
designs, although they are also the most 
expensive. TFT displays offer very high 
image clarity, contrast ratios of between 
150:1 and 200:1, fast refresh rates, and wide 
viewing angles. 


THD 

(Total Harmonic Distortion) A sound 
measurement that is expressed as a 
percentage that compares input and 
output audio signals, which indicates the 
amount of distortion in the output signal. 


thermal dye transfer printer 

A sophisticated type of color printer that 
uses heat to diffuse dye from color 
ribbons onto special paper or 
transparency blanks to produce 
continuous-tone output similar in quality 
to a photographic print. Also called dye 
sublimation printer. 


thermal inkjet print method 
Ink delivery system in an inkjet printer that 
uses thermal shock. 


thermal paper 

Paper that contains a chemical designed to 
react with the heating element of a 
thermal printer to create images on paper. 


thermal paste 

A paste that is used to connect a heat sink 
to a CPU to provide a liquid thermally 
conductive compound gel that fills any 
gaps between the CPU and the heat sink to 
permit a more efficient transference of 
heat from the processor to the heat sink. 


thermal printer 

A type of printer that uses a thermal (high 
heat) print head to fuse or transfer 
wax-based ink onto paper or selectively heats 
specially treated paper to form the image. 
Most thermal printers are handheld 
devices used for printing labels or receipts. 


thermal shock 

An ink delivery system where the ink is 
heated to form a bubble that bursts 
through the nozzles. 


thermal wax transfer printer 

A printer that uses a thermal printhead to 
melt wax-based ink from a transfer ribbon 
onto the paper. 


thick client 

A business computer that performs most 
or all computing functions on its own. Also 
referred to as a standard client or a fat 
client. 


thin client 

A business computer that relies heavily on 
another system, typically a server, to run 
most of its programs, processes, and 
services. 


thrashed 
See disk thrashing. 


thread 

A stream of instructions generated by a 
software application. Most applications 
run a single process in a single thread. 


threat 
Any potential violation of security policies 
or procedures. 


threat actor 
See threat agent. 


threat agent 

A person or event that triggers a 
vulnerability accidentally or exploits it 
intentionally. 


three-factor authentication 
An authentication scheme that requires 
validation of three authentication factors. 


throttling 

Technology that allows the CPU to slow 
down if thermal output reaches a critical 
level or to improve power performance. 
Intel's throttling technology is called 
SpeedStep; AMD's is called PowerNow!. 


ticket 

A record created when an incident occurs, 
or move, add, or change is requested, so 
that progress on resolving or completing 
the task can be documented. 


Time Machine 
App facilitating backup operations in 
macOS. 


TKIP 

(Temporal Key Integrity Protocol) 
Mechanism used in the first version of 
WPA to improve the security of wireless 
encryption mechanisms, compared to the 
flawed WEP standard. 


TLS 

(Transport Layer Security) A security 
protocol that protects sensitive 
communication from eavesdropping and 
tampering by using a secure, encrypted, 
and authenticated channel over a TCP/IP 
connection. 


TN 

(Twisted Nematic) An LCD panel 
technology where the panel is black when 
no electric current is running through the 
liquid crystal cells because the cells align 
themselves in a twisted state. When an 
electric current is applied, the liquid crystal 
cells untwist, allowing light to pass 
through, resulting in a white display 
screen. 


tone generator and probe 

The tone generator is an electronic device 
that sends an electrical signal through one 
set of UTP cables. The tone probe (or tone 
locator) is an electronic device that emits 
an audible tone when it detects a signal 
sent by the tone generator in a set of 
wires. 


toner 

Specially formulated compound to impart 
dye to paper through an electrographic 
process (used by laser printers and 
photocopiers). The key properties of toner 
are the colorant (dye), ability to fuse (wax 
or plastic), and ability to hold a charge. 
There are three main types of toner, 
distinguished by the mechanism of 
applying the toner to the developer roller: 
dual component (where the toner is mixed 
with a separate magnetic developer), 
mono-component (where the toner itself is 
magnetic), and non-magnetic mono- 
component (where the toner is transferred 
using static properties). 


Top Level Domains 
(TLD) In the DNS hierarchy, the level 
immediately below the root. 


Touch ID 

The Apple device feature that uses 
fingerprint biometric information to grant 
access to the device. 


touchpad 

Input device used on most laptops to 
replace the mouse. The touchpad allows 
the user to control the cursor by moving a 
finger over the pad's surface. There are 
usually buttons too but the pad may also 
recognize "tap" events and have scroll 
areas. 


touchscreen 
A display screen combined with a digitizer 
that is responsive to touch input. 


tower case 

A desktop computer designed to sit 
vertically on a surface so that it is taller 
than it is wide. Tower cases come in four 
basic sizes: full, mid, mini, and slim line. 


TPM 

(Trusted Platform Module) A specification 
for hardware-based storage of digital 
certificates, keys, hashed passwords, and 
other user and platform identification 
information. Essentially, it functions as a 
smart card embedded on a motherboard. 


trace logs 

Windows log files that allow you to collect 
statistics about services, including 
extensions to Event Viewer to log data that 
would otherwise be inaccessible. 


traces 
Wires etched on to the motherboard to 
provide electrical pathways. 


track 

When data is written onto a drive, it is 
stored as magnetic changes in the 
structure of the disk. These alterations are 
written as concentric rings as the disk 
spins. Each of these rings is termed a 
track. 


tractor feed 

An impact printer mechanism that uses 
pairs of wheels with pins evenly spaced 
around the circumference at a set spacing 
to feed continuous roll paper with 
matching holes that fit over the pins. 


transfer belt 
In a color printer, combining colors to print 
in one pass. 


transfer roller 
See transfer unit. 


transfer unit 

Roller, corona wire, or belt assembly that 
applies a charge to the media (paper) so 
that it attracts toner from the 
photoconductor. A detac strip then 
removes the charge to prevent paper curl. 
On a color laser printer, the transfer unit is 
usually a belt. 


transistor 
In computers, semiconductor switches 
used to create logic devices. 


trickle charge 

Charging a device that has been fully 
charged at the rate at which the charge 
discharges, keeping the device fully 
charged without overcharging the battery. 


trip hazard 
Any object placed in pathways where 
people walk. 


Trojan Horse 

A malicious software program hidden 
within an innocuous-seeming piece of 
software. Usually the Trojan is used to try 
to compromise the security of the target 
computer. 


trusted app source 
A source for apps that is managed by a 
service provider. 


tunneling 

A tunneling (or encapsulation) protocol 
wraps up data from one protocol for 
transfer over a different type of network. 
For example, PPP can carry TCP/IP data 
over a dial-up line, enabling a remote 
computer to communicate with the LAN. 


TWAIN 

Standard "driver" model for interfacing 
scanner hardware with applications 
software. 


two-factor authentication 
An authentication scheme that requires 
validation of two authentication factors. 


Type 1 hypervisor 
A bare metal hypervisor in which you 
install directly on the server's hardware. 


Type 2 hypervisor 

A host-based hypervisor in which you 
install the host operating system first, then 
install the hypervisor. 


UAC 

(User Account Control) A security system in 
Windows designed to restrict abuse of 
accounts with administrator privileges. 
Actions such as installing hardware and 
software can be performed without 
changing accounts but the user must 
authorize the use of administrative rights 
by clicking a prompt or re-entering user 
credentials. 


UDP 

(User Datagram Protocol) A protocol in the 
TCP/IP suite operating at the transport 
layer to provide connectionless, non- 
guaranteed communication with no 
sequencing or flow control. Faster than 
TCP, but does not provide reliability. 


UEFI 

(Unified Extensible Firmware Interface) A 
type of system firmware providing support 
for 64-bit CPU operation at boot, full GUI 
and mouse operation at boot, and better 
boot security. 


UEFI setup 

(Unified Extensible Firmware Interface 
setup) Another name for the setup 
program used to configure system 
firmware settings. Also known as BIOS 
setup. 


unattended installation 

A software or operating system installation 
where the configuration information is 
derived from an input file. 


unauthorized account access 
When someone other than an authorized 
user gains access to an online account. 


unauthorized camera and microphone 
usage 

When an attacker gains access to the 
camera and microphone on a mobile 
device and uses it to cause a security 
breach of sensitive data. 


unauthorized location tracking 
Giving away too much sensitive 
information to third parties. 


unauthorized root access 

When an attacker gains root access which 
allows the attacker to have system-level 
access to every process running in the OS. 


uncollated 

A print job where all copies of page 1 are 
printed first, followed by all copies of page 
2, and so on. 


undeclared variable 
A variable that is used without first 
identifying the data type. 


undocumented feature 

A software feature or function that is not 
included in the official documentation and 
is typically unsupported, and can be 
removed or modified without users' 
knowledge. Also used as a derogatory 
term for a software bug. 


unicast addressing 

A packet addressed to a single host. If the 
host is not on the local subnet, the packet 
must be sent via one or more routers. 


unified file system 

Everything available to the Linux OS is 
represented as a file in the file system, 
including devices. 


UNIX 

UNIX is a family of more than 20 related 
operating systems that are produced by 
various companies. It can run on a wide 
variety of platforms. UNIX offers a 
multitude of file systems in addition to its 
native system. UNIX remains widely 
deployed in enterprise data centers to run 
mission critical applications and 
infrastructure. 


unmanaged switch 
Performs microsegmentation without 
requiring any sort of configuration. 


updates 

Updates are made freely available by the 
software manufacturer to fix problems in a 
particular software version, including any 
security vulnerabilities. Updates can be 
classified as hotfixes (available only to 
selected customers and for a limited 
problem), patches (generally available), 
and service packs (installable collections of 
patches and software improvements). 


UPnP 

(Universal Plug-and-Play) A protocol 
framework allowing network devices to 
autoconfigure services, such as allowing a 
games console to request appropriate 
settings from a firewall. 


UPS 

(Uninterruptible Power Supply) An 
alternative AC power supply in the event of 
power failure. A UPS requires an array of 
batteries, a charging circuit, an inverter to 
convert DC to AC current, a circuit to allow 
the system to take over from a failing 
power supply, and some degree of spike, 
surge, or brownout protection (possibly 
including a line conditioner). 


UPS sizing 

The process of determining the 
appropriate size UPS to protect the load 
from a given system. 


URL 

(Uniform Resource Locator/Identifier) An 
application-level addressing scheme for 
TCP/IP, allowing for human-readable 
resource addressing. For example: 
protocol://server/file, where "protocol" is 
the type of resource (HTTP, FTP), "server" 
is the name of the computer 
(www.microsoft.com), and "file" is the 
name of the resource you wish to access. 


USB 

(Universal Serial Bus) The main type of 
connection interface used on PCs. A larger 
Type A connector attaches to a port on the 
host; Type B and Mini- or Micro-Type B 
connectors are used for devices. USB 1.1 
supports 12 Mbps while USB 2.0 supports 
480 Mbps and is backward compatible 
with 1.1 devices (which run at the slower 
speed). USB devices are hot swappable. A 
device can draw up to 2.5 W of power. USB 
3.0 and 3.1 define 5 Gbps (SuperSpeed) 
and 10 Gbps (SuperSpeed+) rates and can 
deliver 4.5 W of power. 


USB 2.0 (HighSpeed) standard 
A USB standard that operates at up to 480 
Mbps. 


USB hub 

A device that connects to a USB port to 
allow additional USB devices to be 
connected to the PC, essentially increasing 
the number of USB ports available. 


USB On the Go (OTG) 
A USB standard that allows a port to 
function as either a host or as a device. 


USB SuperSpeed 
The USB 3.0 standard that operates at up 
to 5 Gbps and makes the link full duplex. 


USB SuperSpeed+ 
The USB 3.1 standard that operates at up 
to 10 Gbps. 


user account 

Each user who wishes to access a Windows 
computer will need a logon ID, referred to 
as a user account. Each user will normally 
have a local profile, containing settings 
and user-created files. Profiles are stored 
in the "Users" folder or can be redirected 
to a network folder. 


UTM 

(Unified Threat Management) All-in-one 
security appliances and technologies that 
combine the functions of a firewall, 
malware scanner, intrusion detection, 
vulnerability scanner, Data Loss 
Prevention, content filtering, and so on. 


UTP 

(Unshielded Twisted Pair cabling) The type 
of cabling typically used for computer 
networking, composed of eight insulated 
copper wires grouped into four pairs with 
each pair twisted to reduce interference 
between wires. 


variable 

Identifier for a value that can change 
during program execution. Variables are 
usually declared with a particular data 
type. 


VBR 

(Volume Boot Record) Loads the boot 
manager, which for Windows is 
bootmgr.exe. 


vCard 
The digital equivalent of a business card. 


VDE 

(Virtual Desktop Environment) A virtual 
environment in which users can customize 
and update the environment as if it was a 
physical environment. 


VDI 

(Virtual Desktop Infrastructure) Hosting 
user desktops as virtual machines on a 
centralized server or cloud infrastructure. 
The desktop OS plus applications software 
is delivered to the client device (often a 
thin client) over the network as an image. 


VDSL 

(Very High Bitrate DSL) A high speed 
version of DSL with an upstream rate 
between 1.5 Mbps and 2.5 Mbps and a 
downstream rate between 50 Mbps and 
55 Mbps. 


vector font 

A font that consists of a description of how 
each character should be drawn that can 
be scaled up or down to different font 
sizes. 


vector graphics 

Scalable images that are created from 
vectors which describe how a line should 
be drawn. 


VGA 

(Video Graphics Array). A standard for the 
resolution and color depth of computer 
displays. VGA specifies a resolution of 
640x480 with 16 colors (4-bit color) at 60 
Hz. 


VGA Connector 

(Video Graphics Array connector) A 15-pin 
HD connector has been used to connect 
the graphics adapter to a monitor since 
1987. The use of digital flat-panel displays 
rather than CRTs means that as an analog 
connector, it is fast becoming obsolete. 


video card 

Provides the interface between the 
graphics components of the computer and 
the display device. A number of 
connectors may be provided for the 
display, including VGA, DVI, and HDMI. 
Most adapters come with their own 
processor (Graphics Processing Unit 
[GPU]) and onboard memory. 


video projector 

A large format display in which the image 
is projected onto a screen or wall using a 
lens system. 


virtual application streaming 

Just enough of an application is installed 
on the end user device for the system to 
recognize that the application is available 
to the user, and when the user accesses 
the application, additional portions of the 
code are downloaded to the device. 


virtual assistant 
Another term for a digital assistant. 


virtual file system 

A layer that sits between the actual file 
system and the kernel. It identifies the 
location of the persistent root partition 
from the appropriate storage device and 
loads the file system stored on the disk. 


virtual memory 

An area on the hard disk allocated to 
contain pages of memory. When the 
operating system doesn't have sufficient 
physical memory (RAM) to perform a task, 
pages of memory are swapped to the 
paging file. This frees physical RAM to 
enable the task to be completed. When the 
paged RAM is needed again, it is re-read 
into memory. 


virtual switch 
A software application that enables 
communication between VMs. 


virtualization 

Software allowing a single computer (the 
host) to run multiple "guest" operating 
systems (or Virtual Machines [VMs]). The 
VMs are configured via a hypervisor or VM 
Monitor (VMM). VMs can be connected 
using virtual networks (vSwitch) or 
leverage the host's network interface(s). It 
is also possible for the VMs to share data 
with the host (via shared folders or the 
clipboard, for instance). VT is now used as 
major infrastructure in data centers as well 
as for testing and training. 


virus 

Code designed to infect computer files (or 
disks) when it is activated. A virus may also 
be programmed to carry out other 
malicious actions, such as deleting files or 
changing system settings. 


VLAN 

(Virtual LAN) A logically separate network, 
created using switching technology. Even 
though hosts on two VLANs may be 
physically connected to the same cabling, 
local traffic is isolated to each VLAN so 
they must use a router to communicate. 


VM 

(Virtual Machine) A guest operating system 
installed on a host computer using 
virtualization software (a hypervisor), such 
as Microsoft Hyper-V or VMware. 


VM escaping 

(virtual machine escaping) Malware 
running on a guest OS jumping to another 
guest or to the host. 


VM sprawl 

(virtual machine sprawl) The uncontrolled 
development of more and more virtual 
machines. 


VNC 

(Virtual Network Computing) Remote 
access tool and protocol. VNC is the basis 
of macOS screen sharing. 


volatile 
A type of memory where data cannot be 
stored without power being supplied. 


voltage 

The potential difference between two 
points (often likened to pressure in a water 
pipe) measured in Volts (V). In the UK, 
mains power is supplied at 220-240 V. In 
the US, mains power is 110-120 V. 


voltage regulators 

Voltage Regulator Modules ensure that the 
motherboard delivers the voltage required 
by the CPU. When CPUs changed from 5 V 
to 3.3 V operation, VRMs were provided as 
plug-in modules. Most modern CPUs use 
around 1.5 - 2 V and the voltage regulators 
are built into the motherboard. 


VPN 

(Virtual Private Network) A secure tunnel 
created between two endpoints connected 
via an unsecure network (typically the 
Internet). VPNs are typically created using 
SSL/TLS or IPsec. Encryption software is 
used to ensure privacy of data as 
messages transit through the public 
network. 


VR 

(Virtual Reality) A computer-generated, 
simulated environment experienced via a 
headset connected to a PC or powered by 
a smartphone. 


VR headset 

(Virtual Reality headset) A headset worn 
like goggles to interact with images 
displayed in the headset. 


VSAT 

(Very Small Aperture Terminal) A 
microwave antenna aligned to an orbital 
satellite that can either relay signals 
between sites directly or via another 
satellite. 


VT-x 
Extensions in Intel-based systems that 
allow hardware virtualization. 


vulnerability 

Any weakness that could be triggered 
accidentally or exploited intentionally to 
cause a security breach. 


walled garden 

A closed software system in which the 
user's access to content and services is 
controlled by the user's mobile carrier or 
by a service provider. 


WAN 
(Wide Area Network) A network that spans 
multiple geographic locations. 


wear leveling 

Routines used by flash drives to prevent 
any single storage location from being 
overused and to optimize the life of the 
device. 


web server 

HTTP servers host websites. A basic 
website consists of static HTML pages but 
many sites are developed as front-end 
applications for databases. Web servers 
are popular targets for attack, particularly 
DoS, spoofing, and software exploits. 
Many companies use hosted web servers 
but if not, the server should be located in a 
DMZ. Web servers are also commonly 
used for intranet services, especially on 
Microsoft networks. 


webcam 

A webcam can be used to stream and 
record video. There are many types, from 
devices built into laptops to standalone 
units. While early devices were only 
capable of low resolutions, most webcams 
are now HD-capable. 


WEP 

(Wired Equivalent Privacy) A mechanism 
for encrypting data sent over a wireless 
connection. WEP is considered flawed (that 
is, a determined and well-resourced attack 
could probably break the encryption). 
Apart from problems with the cipher, the 
use and distribution of a pre-shared key 
(effectively a password) depends on good 
user practice. WEP has been replaced by 
WPA. 


whaling 

A form of phishing that targets individuals 
who are known or are believed to be 
wealthy. 


whitelisting 
An address added to the white list is 
permitted to connect to any port. 


Wi-Fi 

IEEE standard for wireless networking 
based on spread spectrum radio 
transmission in the 2.4 GHz and 5 GHz 
bands. The standard has five main 
iterations (a, b, g, n, and ac), describing 
different modulation techniques, 
supported distances, and data rates. 


Wi-Fi analyzer 

A Wi-Fi spectrum analyzer used to detect 
devices and points of interference, as well 
as analyze and troubleshoot network 
issues on a WLAN or other wireless 
networks. 


Wi-Fi Direct 

Technology that enables two mobile 
devices to connect to each other without a 
wireless access point. 


WIA 
(Windows Image Acquisition) Driver model 
and API (Application Programming 
Interface) for interfacing scanner hardware 
with applications software on Windows 
PCs. 


wiki 

A website that is configured so users can 
view, enter, and share information about a 
subject. 


wildcard 
A special character that is used to 
substitute characters in a string. 


Windows Certified Products List 

A searchable database of hardware 
devices that have been tested to ensure 
they are compatible with the Windows 10 
operating system. 


Windows Explorer 
See File Explorer. 


Windows LPL catalog 

(Windows Logo'd Product List catalog) A 
catalog of devices and drivers that have 
been tested to ensure they are compatible 
with the Windows 7 operating system. 


Windows Media Center 

An obsolete program included with 
Windows Vista and Windows 7 that 
included a broadcast TV schedule that 
allowed computers equipped with a TV 
tuner card to view and record TV 
programs. It also acted as a playback 
interface for optical discs. 


Windows Resource Protection 

A Windows feature that prevents essential 
system files, folders, and registry keys 
from being replaced to help prevent 
application and operating system failure. 


Windows Server 

A network operating system typically used 
for private network servers and Internet 
servers running web, email, and social 
networking apps. 


Windows Settings 
Windows 10 app for configuring and 
managing the Windows 10 computer. 


Wireless Range Extender 

Designed to repeat the signal from an 
access point to extend the range of a 
WLAN. 


WISP 

(Wireless Internet Service Provider) An ISP 
offering Internet access over ground- 
based Line of Sight (LoS) microwave 
transmitters. 


WMN 

(Wireless Mesh Network) Wireless network 
topology where all nodes—including client 
stations—are capable of providing 
forwarding and path discovery. This 
improves coverage and throughput 
compared to using just fixed access points 
and extenders. 


WoL 

(Wake on LAN) Where a host has a 
compatible network card, a network server 
can be configured to transmit a "magic 
packet" that causes the host to power up. 


work instruction 

Detailed documents that contain step-by- 
step tasks needed to perform a specific 
task. 


workgroup 

A small group of computers on a network 
that share resources in a peer-to-peer 
fashion. No one computer provides a 
centralized directory. 


working directory 
See current working directory. 


workstation 

Client devices connecting to the network 
represent one of the most vulnerable 
points as they are usually harder to 
monitor than centrally located equipment, 
such as servers and switches. As well as 
secure configuration of the OS and 
applications, workstations should be 
protected with anti-malware software. 
Users should be trained in security best 
practices and educated about common 
threats. 


worm 
A type of virus that spreads through 
memory and network connections rather 
than infecting files. 


WoWLAN 
(Wake-on-Wireless LAN) A wireless version 
of WoL that is not widely implemented. 


WPA 

(Wi-Fi Protected Access) An improved 
encryption scheme for protecting Wi-Fi 
communications, designed to replace WEP. 
The original version of WPA was 
subsequently updated (to WPA2) following 
the completion of the 802.11i security 
standard. WPA features an improved 
method of key distribution and 
authentication for enterprise networks, 
though the pre-shared key method is still 
available for home and small office 
networks. WPA2 uses the improved AES 
cipher, replacing TKIP and RC4. 


WPF 

(Windows Presentation Foundation) In 
Windows, handles the display and print 
functions for compatible applications. 


WPS 

(Wi-Fi Protected Setup) Mechanism for 
auto-configuring a WLAN securely for 
home users. On compatible equipment, 
users just have to push a button on the 
access point and connecting adapters to 
associate them securely. 


WWAN 

(Wireless Wide Area Network) A large 
wireless network, such as a cellular data 
network or line-of-sight microwave 
transmission. 


WYSIWYG 

(What You See Is What You Get) The screen 
and print output are supposed to be the 
same. 


x64 
See x86-64. 


x86-32 
The instruction set used by IBM PC 
compatible CPUs. 


x86-64 
Another term for the AMD64 instruction 
set. 


Xcode 
Apple's SDK for macOS and iOS software 
development. 


XML 
(eXtensible Markup Language) A system 
for structuring documents so that they are 
human- and machine-readable. 
Information within the document is placed 
within tags, which describe how 
information within the document is 
structured. 


XPS 

(XML Print Specification) A file format 
based on XML that describes one or more 
pages and how the information should 
appear on the page. 


yum 
A tool for maintaining packages on Fedora- 
based Linux systems. 


Z-Wave 

Low-power wireless communications 
protocol used primarily for home 
automation. Z-Wave uses radio 
frequencies in the high 800 to low 900 
MHz range and a mesh topology. 


zero day exploit 

An attack that exploits a vulnerability in 
software that is unknown to the software 
vendor and users. Most vulnerabilities are 
discovered by security researchers and the 
vendor will have time to create a patch 
and distribute it to users before exploits 
can be developed, so zero day exploits 
have the potential to be very destructive. 


ZIF socket 

(Zero Insertion Force socket) A processor 
socket type allowing the chip to be placed 
in the socket with as little risk of damaging 
the pins on the processor chip as possible. 


Zigbee 

Low-power wireless communications open 
source protocol used primarily for home 
automation. Zigbee uses radio frequencies 
in the 2.4 GHz band and a mesh topology. 


zombie 
Unauthorized software that directs the 
devices to launch a DDoS attack. 


2D barcode 292 
2-step verification 548 
3D modeling software 246 
3D printers 246 
3D scanner 246 
802.3af 322 
802.3at 322 
See also PoE+ 


A 


absolute path 769 
AC 187 
accelerometers 507 
Acceptable Use Policy, See AUP 
Access Control Entries, See ACEs 
Access Control Lists, See ACLs 
Access Point, See AP 
access time 779 
accounting 907 
account restrictions 936 
ACEs 942 
ACLs 414, 934, 942 
Active Directory 878 
active listening 7049 
adapter cards 
slots 15 
additive 253 
add-on cards 44, 78 
addressing 767 
Address Resolution Protocol, See ARP 
ADF 290 
Advanced Encryption Standard, See 
AES 
Advanced Host Controller Interface, 
See AHCI 
Advanced Technology Extended, See 
ATX 
AES 401 
AFP 362 
agent 365 
AHCI 121 
airplane mode 527 
all-in-one units 14 


Alternating Current, See AC 
ALU 161 


AMD64 161 
analog displays 69 
Android 603 
Android Auto 540 
answer files 817 
antiglare covers 70 
anti-malware 904 
antistatic bags 10 
antivirus software, See A-V 
AP 329 
APIPA 347 
Apple CarPlay 540 
Apple Filing Protocol, See AFP 
Apple ID 533, 795 
Application protocols 343 
application virtualization 586 
app scanner 550 
apt 774 
AR 510 
arguments 766 
Arithmetic Logic Unit, See ALU 
ARP 343 
ARP poisoning 975 
arrays 

disk 663 
ASF 239 
aspect ratio 69 
asset management 7004 
assets 7004 
asymmetric encryption 902 
attended installation 804 
ATX 17 
audio subsystems 94 
Augmented Reality, See AR 
AUP 1010 
authentication 907 
authentication factors 930 
authorization 907 
autodiscover 527 
Automatic Document Feeder, See 
ADF 


Automatic Private IP Addressing, See 
APIPA 

AutoSheet Feeder, See ASF 

A-V 968 

availability 900 


backdoors 965 

backed-up print queue 278 
background 700 

backhaul 332 

backlights 556 

barcode scanners 297 
baseband updates 523 
baselines 7075 

Basic Input/Output System, See BIOS 
Basic Rate Interface, See BRI 
Basic Service Set Identifier, See BSSID 
BCD 739 

BDs 131 

biometric authentication 544 
biometric devices 57 
biometrics 57, 932 

BIOS 175 

BIOS setup 175 

bitmap image data 253 
blacklisting 905 

blackouts 994 

blanking plates 15 

blaster 515 

BLE 457 

Blue Screen of Death, See BSoD 
Bluetooth 457, 524 

Bluetooth Low Energy, See BLE 
Blu-ray Discs, See BDs 

Blu-ray drives 134 

bookmarks 537 

boolean values 1039 

Boot Configuration Data, See BCD 
boot device priority 179 

boot partition 658, 809 

boot sector 739 

boot sequence 179 

botnets 917 

branches 1038 

BRI 336 

bridges 318 

Bring Your Own Device, See BYOD 
broadband 333 

broadcast address 346 
brownouts 994 
BSoD 736 

BSSID 329 

bus 
expansion 22 
internal 22 
local 22 

bus mastering 24 

BYOD 548, 906 


C 


CA 903, 984 
CAB 1017 
Cable Access TV, See CATV 
Cable Modem Termination System, 
See CMTS 
CAD 215 
CALs 947 
CAM 215 
Campus Area Networks, See CANs 
CAM table 974 
CANs 298 
capacitor 788 
capacity 824 
CATV 334 
CCD 289 
CCFL 289 
CCFL bulb 67 
CD drives 134 
CDMA 337, 521 
CD-R 730 
CD-RW 737 
CDs 

burning 730 
cellular data 

networks 520 
cellular radios 527 
Central Processing Unit, See CPU 
Certificate Authority, See CA 
Chain of Custody 960 
challenge questions 7023 
Change Advisory Board, See CAB 
change management 7075 
channels 723 
characters 7040 
Charge Coupled Device, See CCD 
charms 595 
chassis 73 
chip creep 205 
Chip Level Multiprocessing, See CMP 
chipsets 20 
Chrome OS 602 
CIFS 362 
CIs 1015 
CIS 290 
cleaning blade 230 
clean install 805 
CLI 764 
Client Access Licenses, See CALs 
client-side virtualization 578 
clock battery 27 
closed network 366 
closed questions 7050 
cloud 587 
cloud-based network controller 588 
clusters 658 
CMDB 7075 
CMOS 
battery 27 
CMOS setup 775 
CMP 763 
CMS 7075 
CMTS 334 
CMYK 253 
coatings 
gloss 70 
matte 70 
coax cable 377 
coaxial cable, See coax cable 
Code Division Multiple Access, See 
CDMA 
Cold Cathode Fluorescent bulb, See 
CCFL bulb 
Cold Cathode Fluorescent Lamp, See 
CCFL 
collision domains 378 
color depth 69 
COM 702 
command interpreter 7032 
Command-Line Interface, See CLI 
command mode 777 
Comma Separated Values 
CSVs 536 


Common Internet File System, See CIFS 


compact discs, See CDs 

comparison operators 7039 
compiled programs 7032 
Complementary Metal Oxide 
Semiconductor, See CMOS 
Component Object Model, See COM 
Component Services 702 

CompTIA A+ Troubleshooting Model 
607 


Index 


Computer Aided Design, See CAD 
Computer Aided Manufacturing, See 
CAM 
Computer Security Incident Response 
Team, See CSIRT 
conductor 787 
confidentiality 900 
configuration baselines 887 
Configuration Items, See CIs 
configuration management 7075 
Configuration Management Database, 
See CMDB 
Configuration Management System, 
See CMS 
connections 

keyed 35 

USB 36 
constants 7037 
Contact Image Sensor, See CIS 
contacts 536 
container virtualization 587 
Content Addressable Memory table, 
See CAM table 
contention 378 
contrast ratio 69 
Control Center 527 
Control Panel 676 
core clock speed 763 
corporate mail gateway 528 
counter logs 727 
CPU 

architectures 161 

form factor 165 

installation considerations 170 
CPU sockets 18 
critical updates 183 
CRM 584 
cron 840 
cron table 840 
crossover cables 305 
cryptographic hash 902 
CSIRT 958 
CSVs 536 
cultural sensitivity 1055 
current 187 
current working directory 769 
Customer Relationship Management, 
See CRM 
Cyan, Magenta, Yellow, and Black, See 
CMYK 
cyber warfare 918 


D 


DACs 94 

data backup 7020 

Data Collector Sets 727 

Data Loss Prevention, See DLP 
Data Over Cable Service Interface 
Specification, See DOCSIS 

data policies 940 

data restoration 7020 

Data Sources 702 

data types 7037, 1039 

daughter boards 23 

DC 187, 878 

DCOM 702 

DDoS attack 977 

DDR SDRAM 705 

declared variables 7037 

default gateway 346 

default masks 344 

defense in depth 365, 905 
defragmentation 826 

Degaussing 925 

Demilitarized Zone, See DMZ 
Denial of Service, See DoS 

Denial of Service attack, See DoS attack 
desktop 593 

desktop computers 73 

Desktop Publishing, See DTP 
desktop style 592 

detac corona 230 

developer roller 229 

device drivers 592 

DHCP 346 

dial-up connection 384 

die 760 

digital assistants 460 

digital cameras 99 

digital certificates 903, 984 

digital displays 69 

Digital Light Processing, See DLP 
Digital Rights Management, See DRM 
Digital Signal Processor chips, See DSP 
chips 

Digital Single Lens Reflex, See DSLR 
Digital Subscriber Line, See DSL 
Digital-to-Analog Converters, See DACs 
digital versatile discs, See DVDs 
Digital Visual Interface, See DVI 
digitizer 480 

DIMM 107 

diode 788 




Direct Current, See DC 
direct thermal printers 244 
Disaster Recovery Plan, See DRP 
disk defragmentation 750 
disk images 668 
disk mirroring 740 
disk striping 739 
disk thrashing 746 
disk wiping 925 
DisplayPort 74 
distended capacitors 206 
Distinguished Name 364 
Distributed COM, See DCOM 
Distributed DoS attack, See DDoS 
attack 
distributions 764 

See also distros 
distros 764 
DLP 68, 946 
DMZ 418 
DNS 346, 357 
dock 790 
docking stations 473 
DOCSIS 334 
domain accounts 878 
domain controllers 878 
domain names 358 
Domain Name System, See DNS 
domains 874, 878 
DoS 565, 579 
DoS attack 977 
dot matrix printers 242 
dotted decimal notation 343 


Double Data Rate SDRAM, See DDR
SDRAM
DRAM 705 
drive controllers 779 
drive enclosures 736 
drive encryption 782 
drivers 60 
drives 

hot swappable 744 
DRM 948 
drop cables 305 
DRP 7020 
DSL 333 
DSL Access Multiplier, See DSLAM 
DSLAM 333 
DSLR 100 
DSP chips 94 
DTP 215 
dual-channel memory 708

dual heat pipes 769 

Dual Inline Memory Module, See DIMM 
dual rails 790 

dumpster diving 972 

duplexing assembly 230, 239 

DVD drives 734 

DVDs 730 

DVI 72 

dye sublimation 244 

Dynamic Host Configuration Protocol, 
See DHCP 

Dynamic RAM, See DRAM 


E 


EAP 905 
EAPoL 905 
Early-life Failure Rate 779 
eavesdropping 974 

See also sniffing 
e-books 537 
ECC memory 709 
EDR 573 
effective group ID 777 
EFS 943 
EIR database 522 
Electronic Paper Displays, See EPDs 
electrostatic discharge, See ESD 
electrostatic latent images 229 
electrostatic photographic drum, See 
EP drum 
email filtering 986 
embedded system 366 
Encrypting File System, See EFS 
encryption 

asymmetric 902 

symmetric 907 
encryption keys 529 
end of life system 599 
Endpoint Management Server 366 
End User License Agreement, See EULA 
energy 187 
Enhanced Data Rate, See EDR 
entry control rosters 924 
Entry-level Power Supply, See EPS 
environment variables 7037 
EP drum 228 
EPDs 508 
EPS 792 
EPT 164, 575 




Equipment Identity Register database, 
See EIR database 
erase lamp 230 
e-readers 508 
Error Checking and Correcting 
memory, See ECC memory 
eSATA standard 41 
escape characters 1040 
ESD 8 
ESS 329 
Ethernet 300 
EULA 946 
Event Viewer 729 
evil twin 565 
Exchange ActiveSync 528
execution control 903 
exFAT 660 
expansion bus 22 
expansion cards 44 
See also add-on cards 
expansion slots 22 
Extended Hierarchical File System, See 
HFS Plus 
Extended Page Table, See EPT 
Extended Service Set, See ESS 
Extensible Authentication Protocol, See 
EAP 
Extensible Authentication Protocol 
over LAN, See EAPoL
eXtensible Markup Language, See XML 
external transfer rate 119 
extranets 359 


F 


Face ID 544 

face lock 544 

factory default reset 555 

factory recovery partition 816 
See also Rescue Disk 

Fair Use Policy 1010 

false negatives 932 

false positives 932 

fast-charged 518 

FAT 659 

FAT16 659 

FAT32 659 

FDE 182, 944 

FDM 247 

feature updates 594 

federated identity management 541 


feed 229 
FFF 247 
Fiber to the Curb/Cabinet, See FTTC
Fiber to the Home, See FTTH 
Fiber to the Node, See FTTN 
Fiber to the Premises, See FTTP 
field replaceable units, See FRUs 
File Allocation Table, See FAT 
file attributes 646 
File Explorer 647 
file extensions 645 
File System Hierarchy 767 
File Transfer Protocol, See FTP 
Finder 793 
firewalls 
host 474 
network 474 
firmware 
system 775 
first responders 958 
flash memory 734 
flatbed scanners 289 
floating point numbers 7039 
Floating Point Unit, See FPU 
footprinting 972 
force stop 553 
forensics 959 
FPU 767 
FQDN 358 
fragmentation 824 
frame rate 69 
frames 376 
freeware 947 
frequency response 94 
friction feed 243 
FRUs 70, 16, 477 
FTP 362 
FTTC 334
FTTH 334 
FTTN 334 
FTTP 334 
full device encryption 546 
Full Disk Encryption, See FDE 
Fully Qualified Domain Name, See 
FQDN 
fuse 788 
fused deposition modeling, See FDM 
fused filament fabrication, See FFF 
fuser assembly 230 
fuses 4 
game pads 56
gaming rigs 275 
General Purpose registers, See GP 
registers 
geolocation 537 
geotagging 564 
geotracking 546 
gestures 788 
global address 357 
Global Positioning System, See GPS 
Global System for Mobile 
Communication, See GSM 
Gnome 765 
GNU 765 
Gov Cloud 583 
GPOs 694, 881 
GP registers 767 
GPS 577, 545 
GPT 740 
GPU 78 
Graphical User Interface, See GUI 
graphics adapters 77 
Graphics Processing Unit, See GPU 
grounding 
equipment 4 
Group Policy Objects, See GPOs 
GSM 337, 521 
GUI 592 
guidelines 7009 
GUID Partition Table, See GPT 
gyroscopes 507 


H 


hacker collectives 978 
haptic feedback 507 
hard disk drive, See HDD 
hardening 900 
hardware-assisted virtualization 764 
Hardware Compatibility List, See HCL 
hardware RAID solution 743 
hash 
cryptographic 902 
function 902 
HBAs 779 
HDD 
performance factors 778 
HDMI 72 
headsets 97 
head unit 540 
health policy 905
Heating, Ventilation, and Air 
Conditioning, See HVAC 
heat pipes 769 
heat sinks 767 
heat spreader 769 
heuristics 904, 968 
HFC 334 
HFS Plus 793 
HIDs 52 
High Definition Multimedia Interface, 
See HDMI 
hives 630 
home directory 769 
home folder 885 
homegroup 856 
home server PC 276 
home theater PC, See HTPC 
Host Bus Adapters, See HBAs 
host controller 36 
host firewalls 474 
host-hinted mode 722 
host ID 344 
host names 358 
hotfixes 829 
hotspots 524 
hot swappable 779 
hot swappable drives 744 
HT 162 
HTML 359 
HTPC 216 
HTT 762 
HTTP 359 
HTTP Over SSL, See HTTPS 
HTTPS 360 
HTTP Secure, See HTTPS 
hubs 36, 378 
Human Interface Devices, See HIDs 
HVAC 304, 998 
hybrid drives 722 
Hybrid Fiber Coax, See HFC 
HyperText Markup Language, See 
HTML 
HyperText Transfer Protocol, See HTTP 
HyperThreading 575 
See also HT 
HyperThreading Technology, See HTT 
hypervisors 573 


I
I/O address 60 
IA-32 161
IA-64 161 
IaaS 584
iCloud 794 
iCloud Keychain 795 
ICM 940 
ICMP 343, 446 
identifiers 1037 
IDEs 1032 
IDS 367 
IEEE 802.11 300 
illuminance 70 
images 748, 805 
IMAP 361, 528 
IMEI 522 
impact printers 
paper feeding 243 
impersonation 911 
implicit deny 901 
IMSI number 522 
incident management 1009 
incident response policy 
documentation 958 
incidents 606, 958 
incineration 925 
Indoor Positioning System, See IPS 
Information Content Management, See 
ICM 
infrared, See IR 
Infrastructure as a Service, See IaaS
infrastructure mode 329 
Ingress Protection scales, See IP scales 
ink dispersion printers 226, 236 
inkjet printers 226, 236 
in-place upgrade 805 
In-Plane Switching, See IPS 
input devices 52 
input voltage 189 
insert mode 771 
installation boot method 807 
instruction sets 
x86-32 161 
insulator 188 
integers 1039 
Integrated Development 
Environments, See IDEs 
Integrated Services Digital Network, 
See ISDN 
integrity 900 
interfaces 34 
internal transfer rate 119 


International Mobile Station 
Equipment Identity, See IMEI 
International Mobile Subscriber 
Identity number, See IMSI number 
Internet backbone 332 

Internet Control Message Protocol, See 
ICMP 

Internet eXchange Points, See IXPs 
Internet Mail Access Protocol, See IMAP 
Internet Message Access Protocol, See 
IMAP 

Internet of Things, See IoT

Internet Protocol, See IP 

Internet Protocol Security, See IPSec 
Internet Service Providers, See ISPs 
Interrupt Request, See IRQ 

intranets 359 

Intrusion Detection System, See IDS 
Intrusion Protection System, See IPS 
inventory management 365 

iOS 600 

IoT 457

IP 342 

IPS 66, 367, 545 

IP scales 577 

IPSec 524, 907 

IR 515 

IRQ 60 

ISDN 335 

ISO file 807 

ISPs 332, 528 

ITIL 7075 

IT Infrastructure Library, See ITIL 
IXPs 332 


J 


jailbreaking 523 
jamming 565 
jitter 404 
joysticks 56 
jumpers 29 


K 


KBs 1007 

kernel 592, 764 

Keyboard, Video, Mouse switches, See 
KVM switches 

keyboards 52, 470 

keychains 794 

key exchange 902 
key fobs 931

keyloggers 965 

kill switch 545 

knowledge bases, See KBs 
KVM switches 56 


L 


Land Grid Array, See LGA 
lands 130 
lanes 26, 121 
LANs 298 
laptops 468 
laser printers 
process 228 
latency 404 
latent 959 
LC 311 
LDAP 364 
least privilege 901 
LED printers 230 
LEDs 198 
legacy 919 
legacy system 366 
LGA 165 
life expectancy 119 
Light Emitting Diodes, See LEDs 
Lightning 39 
Lightweight Directory Access Protocol, 
See LDAP 
line conditioners 995 
Line of Sight, See LoS 
link-local addresses 352 
links 26 
Linux 
processes 775 
Liquid Crystal Displays, See LCDs 
literal 777 
local accounts 875, 878 
Local Area Networks, See LANs 
Local Connector, See LC 
Local Security Accounts database 878 
Local Security Policy 857 
lockout policy 545 
locks 
types of 922 
logical operators 7039 
logical security 907 
logon scripts 884 
Lojack tracking software 783 
Long Term Evolution, See LTE 
loopback plugs 370 
loops 7038

LoS 336 

low level format 926 

LPL 806 

LTE 338 

LTE-A 338 

LTE Advanced, See LTE-A 
luminance 69 


M 


MAC 317 
MAC filtering 905 
MAC flooding 974 
macOS 787 
MACs 1016 
Magic Mouse 788 
Magic Trackpad 788 
main board 77 
main connector 790 
maintenance kits 233 
malware 

symptoms of infection 982 
managed switches 327 
Management Information Base, See 
MIB 
Man-in-the-Middle attack, See MITM 
attack 
MANs 299 
mantraps 923 
MAPI 360, 528 
mass storage devices 777 
Master Boot Record, See MBR 
Material Safety Data Sheet, See MSDS 
MBR 739 
MDM 529, 548, 906 
Mean Time Between Failure, See MTBF 
measured service 582 
Media Access Control, See MAC 
media centers 275 
media guides 229 
megapixels, See MPs 
MEID 522 
member servers 879 
memory cards 

readers 735 
memory modules 707 
Message Application Programming 
Interface, See MAPI 
Message Digest, See MD-5 
Messaging Application Programming 
Interface, See MAPI 
metadata 564
Metropolitan Area Networks, See 
MANs 
MFDs 227, 290 
MIB 365 
Micro-ATX 77 
microprocessors 760 
microsegmentation 379 
Microsoft account 875 
Microsoft Windows 593 
MIDI 97 
MIME 360 
MIMO 328 
Mini-ITX 78 
mirroring 740 
MITM attack 975 
MMF 377 
Mobile Device Management, See MDM 
mobile device synchronization 536 
Mobile Equipment ID, See MEID 
mobile hotspots 575 
mobile VPNs 524 
mobo 77 
Molex connectors 42, 797 
monitors 
LCD 66 
motherboards 


See also main board 


connector types 78 

form factors 17 

See also main board 
mount points 667, 767 
mouse 54 
Moves, Adds, and Changes, See MACs 
MPs 700 
MSDS 1001 
MTBF 779, 579, 998 
multiboot 870 
multiboot system 657 
multifactor authentication 548, 932 
Multi-Function Devices, See MFDs 
multimeters 200, 308 
Multi-Mode Fiber, See MMF 
multiple desktops 797 
Multiple-Input-Multiple-Output, See 
MIMO 
multiport repeater 378 
Multipurpose Internet Mail Extension, 
See MIME 
multitasking 762 
multitouch 507 


Musical Instrument Digital Interface, 
See MIDI 

mutual authentication 975 

mutual authentication for multiple 
services (SSO) 547 


N 


NAC 905 

NACK 356 

NAPT 348 

NAS 136, 276 

NAT 348, 476 

National Institute of Standards and 
Technology, See NIST 

native resolution 69 

Near Field Communications, See NFC 
Near Field Communications protocol, 
See NFC protocol 

Negative Acknowledgement, See NACK 
NetBIOS 364 

NetBIOS over TCP/IP, See NetBT 
NetBT 364 

Network Access Control, See NAC 
Network Address Port Translation, See 
NAPT 

Network Address Translation, See NAT 
Network Attached Storage, See NAS 
Network Basic Input/Output System, 
See NetBIOS 

network drive 863 

Network File System, See NFS 

network firewalls 474 

network ID 344 

Network Interface Cards, See NICs 
Network Interface layer 342 

Network Level Authentication, See NLA 
network mapping 973 

networks 298 

network topology 7006 

New Technology File System, See NTFS 
NFC 458, 514 

NFC protocol 58 

NFS 768 

NICs 316 

NIST 581 

NLA 434 

non-parity 109 

Non-Volatile Memory Host Controller 
Interface Specification, See NVMHCI 
notification shade 527 

NTFS 659 




NVMe 121 
NVM Express, See NVMe 
NVMHCI 121 


O 


objects 725 
OCP 790 
OCR 289 
ODBC Data Sources 702 
offline files 886 
OLED 

display 507 
on-access 972 
onboard adapters 78 
onboarding 548 
One Time Password, See OTP 
On-Screen Display, See OSD 
open questions 7050 
open source 947 
operating system, See OS 
Optical Character Recognition, See OCR 
options 766 

See also switches 
Organic LED, See OLED 
Organizational Units, See OUs 
OS 

lifecycles 599 

types of 592 
OSD 80 
OS X 787 
OTG 37 
OTP 548 
OUs 879 
overclocking 763 
Overcurrent Protection, See OCP 


P 


PaaS 584 

packet filtering 474 

Page Description Language, See PDL 
pagefile 707 

PANs 330, 513 

paper jams 283 

Parallel Advanced Technology 
Attachment, See PATA 

parent directory 769 

parity checking 709 
partitioning 657 

passive cooling device 767 
password attacks 
types of 976
password policies 7070 
PAT 3, 416 
PATA 723 
patch 827 
See also update 
patch management 827 
Patch Tuesday 828 
Payment Card Industry Data Security 
Standard, See PCI DSS 
PCI bus 23 
PCI DSS 942 
PCIe bus 25
PCI Express bus, See PCIe bus
PDL 257 
PDUs 995 
peer-to-peer network 855 
Peripheral Component Interconnect 
bus, See PCI bus 
permissions 
files and folders 647 
Personal Area Networks, See PANs 


Personally Identifiable Information, See
PII

PGA 166 

PGP 529 

pharming 911 

PHI 941 

phishing 911 
photopolymer 248 
pickup roller 229 
picture elements, See pixels 
PID 705 

piezoelectric 237 

PII 947 

Pin Grid Array, See PGA 
pipe symbol 766 

pits 130 

pixels 69 

PKI 903 


Plain Old Telephone Service, See POTS 


Platform as a Service, See PaaS 
plenum 304 

Plug-and-Play 59, 683 

PNAC 905 

PoE 322 

PoE+ 322 

pointing devices 54 

Point of Presence, See PoP 
Point-to-Point Protocol, See PPP 
policies 857, 1009 
PoP 332
POP3 367, 528 
portable appliance testing, See PAT 
Port Address Translation, See PAT 
Port-based Network Access Control, 
See PNAC 
port forwarding 477 
port number 355 
port replicators 473 
ports 

female 35 

I/O 35

keyed 35 

male 35 
port scanning 973 
port triggering 478 
POST 202, 739 
Post Office Protocol, See POP3 
POTS 332 
power 787 
Power Distribution Units, See PDUs 
power management 778, 680 
Power On Self Test, See POST 
Power over Ethernet, See PoE 
Power Sourcing Equipment, See PSE 
Power Supply Tester 207 
Power Supply Unit, See PSU 
PPP 333 
PPPoA 333
PPPoE 333 
PPP over ATM, See PPPoA 
PPP over Ethernet, See PPPoE 
Preboot execution Environment, See 
PXE 
Preferred Roaming List, See PRL 
Pre-shared Key, See PSK 
Pretty Good Privacy, See PGP 
PRI 336 
primary charge roller 230 
primary group 777 
Primary Rate Interface, See PRI 
printer drivers 256 
printers 

3D 246 

direct thermal 244 

dot matrix 242 

impact 242 

ink dispersion 226, 236 

inkjet 226, 236 

laser 226, 227 

LED 230 


thermal 244 
virtual 253 
Windows 257 
printer types 226 
print jobs 259 
privacy filters 70 
privacy screens 925 
private addresses 348 
PRL 522 
probable causes 
determining 670 
problem management 606 
problems 
escalating 677 
identifying 608 
procedures 7009 
process ID 775 
Process ID, See PID 
professionalism 7057 
programs 592 
Protected Health Information, See PHI 
protocols 347 
protocol suite 347 
proxy server 368 
PSE 322 
pseudocode 7037 
PSK 402 
PSTN 332 
PSU 
adapter types 790 
form factors 788 
output voltages 790 
power ratings 789 
Public Key Infrastructure, See PKI 
Public Switched Telephone Network, 
See PSTN 
PXE 808 


Q 


QC 517 

QoS 375, 404 

QR codes 292 

QR scanners 292 

Quality of Service, See QoS 

quality updates 595 

Quick Charge, See QC 

Quick Response codes, See QR codes 


R 


radio firmware 523 
Radio Frequency, See RF
Radio Frequency ID, See RFID 
Radio Frequency ID badges, See RFID 
badges 
Radio Frequency ID tag, See RFID tag 
RADIUS 402, 933 
RAID 
configuration options 743 
levels 739 
rainbow tables 977 
RAM 79, 104 
Random Access Memory, See RAM 
range extender 329 
ransomware 966 
rapid elasticity 582 
Rapid Virtualization Indexing, See RVI 
RDPRA 434 
RDP Restricted Admin, See RDPRA 
real time 779 
Real Time Clock, See RTC 
Realtime Operating System, See RTOS 
Received Signal Strength Indicator, See 
RSSI 
recordable CD, See CD-R 
recovery disc 876 
Recovery Point Objective, See RPO 
Red Hat Package Manager, See rpm
redirection 983 
Redundant Array of Independent 
Disks, See RAID 
reference machine 878 
refresh rate 69 
regex 771 
Registered Jack connectors, See RJ 
connectors 
registers 767 
registration roller 230 
regular expression, See regex 
Relative Distinguished Name 364 
relative path 769 
remnant removal 925 
Remote Assistance 433, 719 
Remote Authentication Dial-in User 
Service, See RADIUS 
Remote Credential Guard 434 
Remote Desktop 433, 779 
remote wipe 545 
removable storage 730 
repeaters 378 
replay attacks 975, 933 
Request for Changes, See RFCs 
Rescue Disk 876
resistance 787 
resistor 788 
resolution 69, 700 
resource pooling 582 
response rate 69 
restore points 745 


Resultant Set of Policies, See RSoPs 
rewritable CD, See CD-RW 


RF 442 

RFCs 1017 

RFID 58, 458, 931 
RFID badge 923 

RFID tag 7004 

riser cards 22 

risks 970 

RJ-11 connectors 44 
RJ-45 304 

RJ-45 connectors 43 
RJ connectors 43 
roaming profiles 886 
rogue access point 565 
rogue VMs 578 

root directory 645 
rooting 523 

rootkits 966 

root user 777 
rotational latency 778 
routers 340 

routines 7037 

rpm 774 

RPO 1021 

RSA cipher 902 
RSoPs 887 

RSSI 443 

RTC 27 

RTC battery 27 

RTOS 523 

RVI 164, 575 


S 


S/MIME 529 
S/PDIF jacks 95 
S.M.A.R.T. 779 
SaaS 584 

sags 994 
sample 97 
sampling 97 
SAS 120 

SATA 47, 119 
SC a7 
scalable fonts 252
scanners 

barcode 291 

flatbed 289 

QR 292 

sheet-fed 290 
schematics 7006 
script files 7032 
scripting language 7032, 1033 
scripts 7032 
SCSI 42, 124 
SDK 534 
SDN 588 
SDRAM 705 
Second Level Address Translation, See 
SLAT 
sectors 778, 658 
secure boot 783, 808 
Secure Hash Algorithm, See SHA-1 
Secure Multipart Internet Mail 
Extensions, See S/MIME 
Secure Shell, See SSH 
Secure Sockets Layer, See SSL 
Secure Sockets Tunneling Protocol, See 
SSTP 
security controls 900 
security groups 846 
security incidents 957 
security templates 887 
seek time 779 
selective laser sintering, See SLS 
self-grounding 8 
Self-Monitoring Analysis and Reporting 
Technology, See S.M.A.R.T. 
semiconductor 788 
separation pad 229 
separation roller 229, 239 
Serial Advanced Technology 
Attachment, See SATA 
Serial Attached SCSI, See SAS 
server consolidation 578 
Server Message Block, See SMB 
server-side virtualization 578 
services 700 
Service Set ID, See SSID 
SFF case 74 
shareware 947 
sheet-fed scanners 290 
shell 593, 764 
Shielded Twisted Pair, See STP 
shoulder surfing 972 
shredding 925
Signal-to-Noise Ratio, See SNR
silicon chips 760
SIM cards 522
Simple Mail Transfer Protocol, See
SMTP
Simple Network Management
Protocol, See SNMP
Simultaneous Multithreading, See SMT
single-channel memory 708
Single-Mode Fiber, See SMF
Single Sign On, See SSO
SLA 248
SLAT 164, 575
slicing software 246
slipstreamed media 808
SLS 248
Small Computer Systems Interface, See
SCSI
Small Form Factor case, See SFF case
Small Office Home Office, See SOHO
Small Outline DIMM, See SODIMM
smart card readers 57
smart cards 57
SMB 362
SMF 311
SMP 163, 575
SMT 162
SMTP 360, 528
sniffing 914
SNMP 365
SNR 97
social engineering
common exploits 911
SODIMM 108, 478
soft reset 554
Software as a Service, See SaaS
Software Defined Networking, See SDN
Software Development Kit, See SDK
software tokens 933
SOHO 301, 393
Solid State Drives, See SSDs
solid state storage 134
Sony/Philips Digital Interface jacks, See
S/PDIF jacks
SOPs 1009, 1016
sound cards 94
spam 985
spear phishing 911
spikes 994
spoofing 911, 915
Spotlight Search 790
spyware 965
SSDs 121
SSH 438
SSID 402
SSL 360, 528
SSO 547, 852
SSTP 524
ST 311
standard clients 273
See also thick clients
Standard Operating Procedures, See
SOPs
standards 1009
standoffs 17
static eliminator 230
stereolithography, See SLA
storage bus 27
STP 304
Straight Tip, See ST
strings 1040
striping 139
structured cabling system 306
subnet mask 344
Subscriber Connector, See SC
Subscriber Identity Module cards, See
SIM cards
subtractive 253
superpipelining 162
superscalar architecture 162
SuperSpeed+ mode 37
SuperSpeed mode 37
superuser 771
Super VGA, See SVGA
supplicant 905
surge protectors 995
surges 994
surround sound 96
SVGA 70
swap partition 768
switches
managed 321
unmanaged 321
symmetric encryption 901
Symmetric Multiprocessing, See SMP
Synchronous DRAM, See SDRAM
syslog 366
system board 17
system case
See also chassis
cover 15
front panel 75

rear cover 75 

See also chassis 
system clock 23 
system files 646 
system memory 

volatile 704 
system partition 658, 809 
system resources 60 


T 


TA 336 

Tab completion 767 

TACACS+ 934 

tailgating 912, 922 

Task Manager 703 

Task Scheduler 839 

TB 39 

TCO 227 

TCP 342, 356 

TCP/IP 341 

Telnet 437 

Terminal Access Controller Access 
Control System Plus, See TACACS+ 
Terminal Adapter, See TA 
terminal window 765 

tethering 515 

TFT 66 

THD 97 

thermal paper 245 

thermal paste 167 

thermal printers 244 

thermal wax transfer 244 

thick clients 213 

thin clients 213 

Thin Film Transistor, See TFT 
thrashed 217 

threads 162 

threat 910 

threat actor 910 

threat agent 910 

three-factor authentication 932 
throttling 164 

Thunderbolt, See TB 

Time Machine 802 

TLDs 357 

TLS 360 

TN 66 

tone generator and probe 309 
Top Level Domains, See TLDs 
Total Cost of Ownership, See TCO 
Total Harmonic Distortion, See THD
touchpads 55, 469, 788 
touchscreens 471, 507 
tower case 13 
TPM 782, 945 
trace logs 727 
traces 27 
tracks 778 
transfer belt 230 
transfer roller 230 
transistor 788 
Transmission Control Protocol, See TCP 
Transmission Control Protocol/Internet 
Protocol, See TCP/IP 
Transport Control Protocol, See TCP 
Transport Layer Security, See TLS 
trickle charge 578 
trip hazards 6 
Trojan Horses 965 
troubleshooting 

basics 606 

helpful documentation for 7006 
Trusted Platform Module, See TPM 
TWAIN 297 
Twisted Nematic, See TN 
two-factor authentication 932 
Type 1 hypervisors 574 
Type 2 hypervisors 574 


U 


UAC 679 

UDP 342, 356 

UEFI 775, 808 

UEFI setup 775 

unattended installation 804 
undeclared variables 7037 
undocumented features 799 

unicast addressing 346 

Unified Extensible Firmware Interface, 
See UEFI 

unified file system 767 

Unified Threat Management, See UTM 
Uniform Resource Locator, See URL 
Uninterruptible Power Supply, See UPS 
Universal Plug-and-Play, See UPnP 
Universal Serial Bus, See USB 

UNIX 607 

unmanaged switches 327 

Unshielded Twisted Pair, See UTP 
update 827 

UPnP 479 


UPS 995 

URL 359 

USB 36 

USB 2.0 (HighSpeed) standard 36 
USB On the Go, See OTG 

User Account Control, See UAC 
user accounts 213, 617, 846 

User Datagram Protocol, See UDP 
UTM 367 

UTP 302 


V 


variables 

declared 1037 

environment 1037 

undeclared 1037 
VBR 739 
vCards 536 
VDE 585 
VDI 213, 585 
vector fonts 252 
vector graphics 253 
Very Small Aperture Terminal, See 
VSAT 
VGA 

port 71 
video cards 77 

See also graphics adapters 
Video Graphics Array, See VGA 
video projectors 67 
virtual application streaming 586 
virtual assistants 460 
virtual desktop 765 
Virtual Desktop Environment, See VDE 
Virtual Desktop Infrastructure, See VDI 
virtual file system 767 
virtualization 

client-side 578 

server-side 578 
Virtualization Technology, See VT-x 
Virtual LANs, See VLANs 
Virtual Machines, See VMs 
virtual memory 705, 722 
Virtual Network Computing, See VNC 
virtual printers 253 
Virtual Private Network, See VPN 
virtual reality, See VR 
Virtual Reality headsets, See VR 
headsets 
virtual switches, See vSwitches 
viruses 964 
VLANs 321, 341

VM escaping 579 

VMs 164, 214 

VM sprawl 578 

VNC 439 

voltage 187 

voltage regulators 190 

Volume Boot Record, See VBR 

VPN 349, 524, 907 

VR 68 

VR headsets 
mobile 68 
tethered 68 

VSAT 336 

vSwitches 576 

VT-x 575 

vulnerability 910 


W 


Wake on LAN, See WoL 
Wake-on-Wireless LAN, See WoWLAN 
walled garden model 534 

WANs 299 

wearable technology 508 

wear leveling 722 

webcams 99 

web servers 359 

WEP 407 

What You See Is What You Get, See 
WYSIWYG 

whitelisting 905 

WIA 291 

Wide Area Networks, See WANs 
Wi-Fi 326 

Wi-Fi Analyzer 444 

Wi-Fi Analyzers 562 

Wi-Fi Direct 256 

Wi-Fi Protected Access, See WPA 
Wi-Fi Protected Setup, See WPS 
wildcards 653, 766 

Windows Firewall 420 

Windows Image Acquisition, See WIA 
Windows Logo'd Product List, See LPL 
Windows Media Center 598 
Windows Presentation Foundation, See 
WPF 

Windows printers 257 

Windows registry 629 

Windows Resource Protection 737 
Windows Server 593 
Windows Server Domain Controller,
See DC 

Windows Settings 677 

Wired Equivalent Privacy, See WEP 
Wireless Internet Service Provider, See 
WISP 

Wireless LANs, See WLANs 
Wireless Mesh Network, See WMN 
Wireless Wide Area Network, See 
WWAN 

WISP 337 

WLANs 326 

WMN 329 

WoL 377 

workgroups 874, 855 

work instructions 7076 
workstations 274 

worms 965 

WoWLAN 377 

WPA 407 

WPF 257 

WPS 398 

WWAN 385 

WYSIWYG 257 


X 


x64 161 
x86-32 161 
See also IA-32
x86-64 767 
See also x64 
XML 877 
XML Print Specification, See XPS 
XPS 257 


Y 
yum 774 


Z 


zero-day 919 

Zero Insertion Force socket, See ZIF 
socket 

ZIF socket 766 

Zigbee 458 

zombies 977, 986 

Z-Wave 458 